Funding: This work was supported in part by Canada's Natural Sciences and Engineering Research Council (grant number “CRDPJ 539938-19”) and IBM Centre for Advanced Studies (CAS) Canada (grant number “1059”).
Abstract: The “Bitcoin Generator Scam” (BGS) is a cyberattack in which scammers promise to provide victims with free cryptocurrencies in exchange for a small mining fee. In this paper, we present a data-driven system to detect, track, and analyze the BGS. It works as follows: we first formulate search queries related to BGS and use search engines to find potential instances of the scam. We then use a crawler to access these pages and a classifier to differentiate actual scam instances from benign pages. Last, we automatically monitor the BGS instances to extract the cryptocurrency addresses used in the scam. A unique feature of our system is that it proactively searches for and detects the scam pages. Thus, we can find addresses that have not yet received any transactions. Our data collection project spanned 16 months, from November 2019 to February 2021. We uncovered more than 8,000 cryptocurrency addresses directly associated with the scam, hosted on over 1,000 domains. Overall, these addresses have received around 8.7 million USD, with an average of 49.24 USD per transaction. Over 70% of the active addresses that we are capturing are detected before they receive any transactions, that is, before anyone is victimized. We also present some post-processing analysis of the dataset that we have captured to aggregate attacks that can be reasonably confidently linked to the same attacker or group. Our system is one of the first academic feeds to the APWG eCrime Exchange database. It has been actively and automatically feeding the database since November 2020.
Abstract: The Bisq Trade Protocol and the Bisq DAO (decentralised autonomous organisation) are core components of Bisq, a decentralised cryptocurrency exchange. The Bisq Trade Protocol systematises the peer-to-peer trading of Bitcoin for other currencies and the Bisq DAO decentralises the governance and finance functions of the entire exchange. However, by following the Bisq Trade Protocol and interacting with the Bisq DAO, participants necessarily publish data to the Bitcoin blockchain and broadcast additional data to the Bisq peer-to-peer network. We examine the privacy cost to participants in sharing this data. Specifically, we use novel address clustering heuristics to construct the one-to-many mappings from participants to addresses on the Bitcoin blockchain and augment the address clusters with data stored within the Bisq peer-to-peer network. We describe address clustering heuristics for both the Bisq Trade Protocol and the Bisq DAO. We show that the heuristics aggregate activity performed by each participant: trading, voting, transfers, etc. We identify instances where participants are operating under multiple aliases, some of which are real-world names. We identify the dominant transactors and their role in a two-sided market. We conclude with suggestions to better protect the privacy of participants in the future.