Exploiting Cryptocurrency Miners with OISNT Techniques

Arif Sari; Seyfullah Kilic

doi:10.14738/tnc.56.4083

Arif Sari Girne American University
Seyfullah Kilic SwordSec Inc., Ankara, Turkey,

DOI: https://doi.org/10.14738/tnc.56.4083

Abstract

Collection of intelligence is one of the key elements to organize more sophisticated methods of attacks. Open Source Intelligence (OSINT) is a technique used by attackers for reconnaissance purposes to gather information about specific targets. The accessibility to critical information about emerging systems through OSINT leads exposure of vulnerabilities and exploitation of these vulnerabilities to form widespread attack. Blockchain is one of the emerging technologies that exposed the use of crypto currencies such as Bitcoin and Ethereum. This research paper explains the use of OSINT to gather critical information about cryptocurrency miners such as Bitcoin Antminer and Ethereum Claymore and expose the vulnerabilities to exploit the configuration file of the miner manager. The research outcomes expose the vulnerability of the existing crypto currencies and use of OSINT for detection and analysis of cyber-threat in crypto currency market.

Author Biography

Arif Sari, Girne American University

Department of Management Information Systems, School of Applied Sciences, Girne American University

References

(2) Clare Sullivan, Eric Burger, E-residency and blockchain, In Computer Law & Security Review, Volume 33, Issue 4, 2017, Pages 470-481, ISSN 0267-3649, https://doi.org/10.1016/j.clsr.2017.03.016.

(3) Xiaoqi Li, Peng Jiang, Ting Chen, Xiapu Luo, Qiaoyan Wen, A survey on the security of blockchain systems, In Future Generation Computer Systems, 2017, , ISSN 0167-739X, https://doi.org/10.1016/j.future.2017.08.020.

(4) Nakamoto S: Bitcoin: A Peer-to-Peer Electronic Cash System. 2008.

(5) Due.com. (2017). How blockchain improves security and transaction times. Nasdaq. Retrieved from http://www.nasdaq.com/article/how-blockchain-improves-securityand-transaction-times-cm771339

(8) Mauro Conti, Ali Dehghantanha, Katrin Franke, Steve Watson, Internet of Things security and forensics: Challenges and opportunities, In Future Generation Computer Systems, Volume 78, Part 2, 2018, Pages 544-546, ISSN 0167-739X, https://doi.org/10.1016/j.future.2017.07.060.

(10) Steve Watson, Ali Dehghantanha, Digital forensics: the missing piece of the Internet of Things promise, In Computer Fraud & Security, Volume 2016, Issue 6, 2016, Pages 5-8, ISSN 1361-3723, https://doi.org/10.1016/S1361-3723(15)30045-2.

(16) M. Banerjee, J. Lee, K.-K.R. Choo, A blockchain future to Internet of Things security: A position paper, Digital Communications and Networks (2017), http://dx.doi.org/10.1016/j.dcan.2017.10.006.

(17) D. Quick, K.-K.R. Choo, Digital forensic intelligence: Data subsets and Open Source Intelligence (DFINT+OSINT): A timely and cohesive mix, Future Generation Computer Systems (2016), http://dx.doi.org/10.1016/j.future.2016.12.032

(18) IDC. The Digital Universe of Opportunities. Rich Data and Increasing Value of The Internet of Things. EMC Corporation; 2014 [updated, 2014; cited 2016 1 June]; Available from: http://www.emc.com/leadership/digital-universe/2014view/executive-summary.htm.

(19) Bitmain AntMiner, Bitcoin Antminer S9-13.5TH/s https://shop.bitmain.com/productDetail.htm?pid=00020171110160546640l4g92i60062E

(20) Claymore's Dual Ethereum AMD GPU Miner v10.0 (Windows/Linux) https://github.com/nanopool/Claymore-Dual-Miner/releases

(21) Netcat, The Nmap project. https://nmap.org/ncat/

(23) Alzubi, A. and Sari, A. (2016) Deployment of Hash Function to Enhance Message Integrity in Wireless Body Area Network (WBAN). Int. J. Communications, Network and System Sciences, Vol.9,No.12, pp. 613-621. http://dx.doi.org/10.4236/ijcns.2016.912047

(24) Sari, A., Rahnama, B., Eweoya, I., Agdelen, Z. (2016) Energizing the Advanced Encryption Standard (AES) for Better Performance. International Journal of Scientific & Engineering Research, Vol.7, No.4, pp.992-1000, ISSN 2229-5518.

(25) Rahnama, B., Sari, A., & Ghafour, M. Y. (2016). Countering RSA Vulnerabilities and Its Replacement by ECC: Elliptic Curve Cryptographic Scheme for Key Generation. In D. G., M. Singh, & M. Jayanthi (Eds.) Network Security Attacks and Countermeasures (pp. 270-312). Hershey,

PA: Information Science Reference. doi:10.4018/978-1-4666-8761-5.ch012

(26) Sari, A. and Karay, M. (2015) Reactive Data Security Approach and Review of Data Security Techniques in Wireless Networks. Int. J. Communications, Network and System Sciences, Vol.8, No.13, pp. 567-577. Doi: http://dx.doi.org/10.4236/ijcns.2015.813051.

(27) Sari, A. and Karay, M. (2015) Comparative Analysis of Wireless Security Protocols: WEP vs WPA. International Journal of Communications, Network and System Sciences, Vol. 8, No.12, pp. 483-491. doi: http://10.4236/ijcns.2015.812043.

(28) Sari, A., Onursal, O. and Akkaya, M. (2015) Review of the Security Issues in Vehicular Ad Hoc Net-works (VANET). Int. J. Communications, Network and System Sciences, Vol. 8, No.13, pp. 552-566. http://dx.doi.org

/10.4236/ijcns.2015.813050 .

(29) Cambazoglu, ?. and Sari, A. (2015) Collision Avoidance in Mobile Wireless Ad-Hoc Networks with Enhanced MACAW Protocol Suite. Int. J. Communications, Network and System Sciences, Vol.8, No.13, pp. 533-542. http://dx.doi.org/10.4236/ijcns.2015.813048.

(30) Kirencigil, B.Z., Yilmaz, O., Sari, A., (2016) Unified 3-tier Security Mechanism to Enhance Data Security in Mobile Wireless Networks. International Journal of Scientific & Engineering Research, Vol.7, No.4, pp. 1001-1011, ISSN 2229-5518.

(32) Yilmaz, O., Kirencigil, B.Z., Sari, A., (2016) VAN Based theoretical EDI Framework to enhance organizational data security for B2B transactions and comparison of B2B cryptographic application models.International Journal of Scientific & Engineering Research, Vol.7, No.4, pp. 1012-1020, ISSN 2229-5518.

doi:10.4018/978-1-4666-8345-7. April 2015.

(35) Sari, A. and Akkaya, M. (2015) Fault Tolerance Mechanisms in Distributed Systems. International Journal of Communications, Network and System Sciences, Vol.8, No.12, pp. 471-482. doi: http://10.4236/ijcns.2015.812042.

(38) Rahnama, B.; Sari, A.; Makvandi, R., "Countering PCIe Gen. 3 data transfer rate imperfection using serial data interconnect," Technological Advances in Electrical, Electronics and Computer Engineering (TAEECE), 2013 International Conference on , vol., no., pp.579,582, 9-11 May 2013 doi: http://doi.acm.org/10.1109/TAEECE.2013.6557339.

(39) Sari, A.; Rahnama, B., (2013) "Simulation of 802.11 Physical Layer Attacks in MANET," Computational Intelligence, Communication Systems and Networks (CICSyN), 2013 Fifth International Conference on , vol., no., pp.334,337, 5-7 June 2013, http://dx.doi.org/10.1109/CICSYN.2013.79 .