Two researchers have devised a cryptocurrency scheme dubbed DDoSCoin that pays everytime a user participates in a DDoS attack against certain servers.

The assistant professor at the University of Colorado Eric Wustrow and the phD student at the University of Michigan Benjamin VanderSloot have conducted a curious proof-of-concept project aimed at the creation of a cryptocurrency that pays when users participate in DDoS attacks.

Yes, it is not a joke, DDoSCoin is the name of the cryptocurrency that pays users that take part to DDoS attacks against TLS web servers.

Every time a TLS connection is confirmed, it is created a signature used to recognize the attacker’s activity.

The duo published a paper titled DDoSCoin: Cryptocurrency with a Malicious Proof-of-Work that details their efforts.

The DDoSCoin is equivalent to other cryptocurrencies like Bitcoin, with substantial difference that the mining process requests the participation in DDoS attacks.

“In this paper, we present DDoSCoin, which is a cryptocurrency with a malicious proof-of-work. DDoSCoin allows miners to prove that they have contributed to a distributed denial of service attack against specific target servers.” explained the researchers in the paper. “This proof involves making a large number of TLS connections to a target server, and using cryptographic responses to prove that a large number of connections has been made. Like proof-of-work puzzles, these proofs are inexpensive to verify, and can be made arbitrarily difficult to solve.”

DDoSCoin represents a novelty in the hacking landscape, it leverages on the ability of proving the use of bandwidth to a (potentially unwilling) target domain.

“Proof-of-DDoS can be used to replace proof-of-work in a cryptocurrency setting, provided that there is consensus around what victims are valid targets.”

In order to specify a target for mining activity, the virtual currency scheme introduces the payment opcode PAY_TO_DDOS. The PAY_TO_DDOS opcode takes two parameters in an output script: a string representing the server to attack, and a target difficulty corresponding to the amount of connections the payer wishes to be made.

“In order to allow victims to be (temporarily) selected for DoS, DDoSCoin allows “bounties” for targeting specific servers. To accomplish this, DDoSCoin introduces a new payment opcode, PAY_TO_DDOS, that can be used in transactions subject to certain constraints” states the paper.

We all known that DDoS booters are considered precious commodities in the criminal underground, currencies like DDoSCoin can be abused for bad purposes.

I suggest you to read the paper … it is very interesting.

Pierluigi Paganini

(Security Affairs – DDoSCoin, virtual currency)

Share this...

Linkedin Reddit Pinterest

Share On