BSidesCharm 2022 - The Uncensorable Stack: Malicious Applications of Blockchain Tech

foreign

so uh thank you all for coming hopefully you had a great b-sides this is actually my first besides charm so excited to be here really love the venue Good Vibes all around today we're going to be talking about the uncensorable stack malicious applications of blockchain technology and as I talked about before not going to be shielding any coins here we're going to be really diving into the technicals of a bunch of different blockchain Technologies to see how adversaries might be able to use them to carry out some nefarious purposes so quick who am I uh currently a senior security engineer at blockfi leading their cyber threat intelligence program uh previously I worked at the miter

corporation on the miter attack evaluations this was doing some adversary emulation work against different EDR vendors and mapping against uh you know apt-29 fin 7 Etc and then and uh that was half my work and then the other half of my work I developed a blockchain and cryptocurrency capabilities for law enforcement and for fun I've been training for an Ironman in June uh 70.3 Iron Man and man that is a time commitment and one not one that I expected so high level agenda uh first we're going to cover some CTI derived examples of adversaries using blockchain technology in the wild look at what has happened in the past and what is currently happening next we're going to

go into what exactly are some of the properties of blockchain technology and how are those properties likely to be leveraged by threat actors to carry out nefarious purposes and level up their tradecraft and last we're going to describe the components of what I would call a user-friendly unsensorable application an application that can be deployed and will be deployed using both a blockchain for DNS a blockchain for compute and another blockchain for storage integrating all of these together in a decentralized virtually uncensorable application and we'll talk about the different components of each of those and get into why you're going to get some really strong censorship resistant guarantees by using this blockchain technology over your traditional like

centralized providers or even something like relying on bulletproof hosting so diving into some of the CTI derived examples uh we're going to start with you know what many of you may have seen already and likely have seen so very basic uh talking about crypto jacking this is when a threat actor compromises a machine and begins to use that machine's resources typically the CPU to mine cryptocurrency this is a typically what you'll see with like privacy coins such as Monero where they're more friendly to use those CPU resources in order to mine participate in the network and collect cryptocurrency for rewards of their mining next something called crypto clipping this is where your clipboard is not safe let's say that you

want to send some cryptocurrency to a friend you go ahead you open up your wallet of choice where your private keys are stored you your friend gives them your their cryptocurrency address and you go you copy it and you attempt to paste it into whatever wallet that you'd like to start to send funds to them now what this malware does is it actively monitors your clipboard to see in regex fingerprint a cryptocurrency address so when it sees one in there it's actually going to replace it with that malware author's cryptocurrency address and hoping that the user doesn't catch that the address has been changed you'll find that these come in the form of like hex

strings so they're really hard unless you're really paying attention to catch the difference between one and another if you're moving quickly you're likely to get taken advantage of this this was uh some research put out by checkpoint on the uh botnet that was actually monitoring 30 different types or 30 different blockchains for those cryptocurrency addresses so that they could swap them out and then lastly um before we dive into some specific blockchain-based capability capabilities we've got trojanizing cryptocurrency applications so blue norov and apt group out of North Korea was dropping backdoor versions of metamask which is a popular ethereum wallet where instead of pointing to the Chrome web store for your Chrome extension where you would

have this metamask wallet they actually would go into Dev tools and point your browser to a locally backdoored version of metamask that was dropped on disk and the purpose of this was that when you go and unlock your metamask wallet you're going to be putting in your seed phrase which can be used for essentially think of it like your private key and uh they will go take that private key send it upstream and immediately start training all funds related to that wallet so um the next version is kind of like backdooring versions of cryptocurrency trading applications so again uh this is actually a report put out from sisa very recently about a North Korean state-sponsored apt group that was

compiling electron.js applications to look like popular cryptocurrency trading software and with the same goal in mind to essentially get the private keys and be able to sweep funds out of those wallets next we're going to be talking about the actual okay how do we use blockchain itself or how have adversaries been using blockchain itself uh to be resilient in their command and control so this is an example of an IP address for command control servers that were encoded within the amount of Bitcoin held at a specific Bitcoin receiving address so you can see here hopefully no oh all right so the balance section you'll see at the bottom what this malware would do is it would first go to

a public blockchain Explorer at a specific cryptocurrency address it would get the balance at that address it would convert that balance to hex it would then substring a portion out of that hex convert that to an integer and then lastly concatenate a decimal and do this for each octet of an IP address so be able to take the balance that you see here and convert it into an IP address so this is just a reminder that Bitcoin address transactions are virtually uncensorable right we know that this is happening and you can see the transactions that are going to this wallet because all this blockchain technology is public but there's nothing we can actively do to stop them from

making these transactions next on a research section so a number of years ago a few researchers put out a paper called Zombie coin and this is powering the next generation of botnets with something called Bitcoin script so for those of you who don't know uh Bitcoin actually has a scripting language built into it um not two um or a little similar to that of ethereum if you heard about smart contracts which we'll talk about a little later in the talk but it is very limited uh there's just some basic logic and math in their package in those Bitcoin transactions and it's not turning complete and this is by Design as compared to something like ethereum

in order to limit the attack surface of what you can really do and exploit within this Bitcoin script you know in ethereum you're hearing about exploits of different D5 projects you know basically every week hundreds of millions of dollars and that's a bit in part because there's so much flexibility within the language that developers end up shooting themselves in the foot and coding in vulnerabilities and we don't quite have enough tools to check for those yet and so one of the Bitcoins in Bitcoin script we have op codes and a specific op code that the the paper mentions is the op return and this is where you're actually able to store bytes of data within a transaction so in the image

below I know it might be a little bit hard to see for those in the back but essentially you've got a bot master who has a botnet that is operating out in the wild and the spotmaster can then create a transaction and inside that transaction leverage the op return code to store some data in there they can store a domain they can they can even store a command um such as you know I want you to begin xfilling this data so they can store that create a transaction propagate that out to the Bitcoin Network and then like we saw previously in the last slide those Bots can pick up that transaction right all of this is happening on a peer-to-peer

system that's publicly available and those Bots will then read the data that's in that op return code and be able to start executing that command so proxying that command and control execution through the Bitcoin blockchain and more recently we actually saw an implementation of this so first we had a research paper where some researchers were theorizing how it might be leveraged and now we're seeing actual apt groups uh going out and leveraging it so this was uh I couldn't really pronounce it's like globetiba I don't know how to say it I actually put it into Google to see how to say it and it turns out whoever named this uh just called them stupid so that was kind

of interesting uh and apparently it's Croatian in case you were curious so we have the blockchain transaction operator code data and in this instance was essentially decrypted using AES 256 encryption and it was providing a backup command or domain name to execute so it's a little might be hard to see in the back but the red section is the IV and this is actually in a transaction that was put on the Bitcoin blockchain in that Hopper turn code so the red section is the initialization Vector for that AES encryption the last 16 bytes is specifying the mode which in this case was GCM and the middle section is actually that encrypted domain for this specific malware uh the

decryption key was hard-coded within the implant itself so that malware go out would go out look to the Bitcoin blockchain source and pull that op return data decrypt it and was able to execute whatever command was embedded within that Bitcoin transaction now we talked about Bitcoin and we're not this is this is not only going to be a Bitcoin blockchain talk we're going to see how exactly do we use some of the other blockchain technology that's out there um to create a um a fully sensorable or uncensorable stack so an example of this is we start talking about okay what does it look like if you have DNS capabilities backed by a blockchain and so there's one out there it's called

namecoin and in this instance we're going to dive into the Shifu banking Trojan so the Shifu banking Trojan leverages namecoin which is a decentralized domain blockchain and uh specifically for subdomains underneath the dot bit TLD in this instance that banking Trojan was able to retrieve IP addresses for the command and control server based on what the name coin node would respond with so if you take a look at the bottom here we start with any public name coin node so you can think of a name coin no just like a blockchain node or a Bitcoin node except it's running two different Services the first service is called named coin D this service essentially is going to be running your blockchain

Daemon this is where you're going to have transactions and these transactions are actually going to be DNS records that are set so if I own a private key and I want to purchase a DOT bit TLD I can do so on the name coin blockchain and I can also set your typical DNS record so I can set a records AAA records text records and this is done through creating transactions on the name coin blockchain next we have the name coin resolver and the purpose of the resolver here is to actually check the blockchain as a source of Truth so it will say okay it receives a query in this case from the Shifu banking Trojan

for a specific domain.bit address the resolver is then going to resolve whatever DNS request is coming in by looking to the blockchain and saying okay what record what a record is on the blockchain for that specific dot bit TLD now I want to stress here that um in this instance they were using any public name coin node remember these are peer-to-peer systems so there are you know hundreds of people who are operating these nodes uh surely because they want to participate in you know the name coin community so it's not relying on any single point or single server to resolve these queries and if you're a malicious operator you can stand up your own too there's nothing saying that you

can't host some of your own local infrastructure for this it's all open source code next we have uh so what actually makes um a good you know blockchain in terms of this uncensorable application what might be next what might we see for some threat actors and to better understand what we might see in the future let's take a look at what are some blockchain Properties or properties of blockchains that uh can be leveraged by an attacker so what are blockchains good at well they're incredibly resilient this comes in two forms both their peer-to-peer Network where there's a number of different public nodes that are all talking to each other and then you have the consensus layer which is they're all

agreeing on the transactions that are happening on the network this is either done through proof of work proof of stake there's a bunch of different ones out there we won't get into the specifics today and essentially the consensus layer structures it in such that it's irreversible right especially for some of the more well-known blockchains so when we're talking about Bitcoin ethereum um if you want to like 51 attack those um where essentially you're able to amass um a large stake in the network such that you can control what is happening on the blockchain Today the game theory behind that is such that it's you know incredibly unlikely that someone is going to be able to change the records

on like the Bitcoin blockchain for instance to give you a sense of scale we're talking like trillions of dollars and um of buying different types of um mining Hardware which isn't exactly going to be something that happens you know quietly next it's also verifiable in that users can self-host all of this infrastructure themselves I don't have to trust on any third party I can download the software I can let the software verify the blockchain and do so on my local network and these properties together make it so that it's effectively uncensorable I talked about Bitcoin transactions before there's no one no one including governments are really going to be able to stop me from broadcasting a Bitcoin

transaction Network or a transaction to the Bitcoin Network now let's take a look at what are blockchain's bad at well they're incredibly slow so block block times are how long it takes to actually append some of that data to the blockchain in this instance on bitcoin that's going to be about 10 minutes ethereum much less you know between 8 and 15 seconds also if you want to host the node infrastructure yourself it's going to take a while to sync all of the previous transactions meaning bitcoin's been around for a while if you want to verify that whole transaction set that came before you that's going to take um quite a bit of time SSD recommended

you're probably going to be waiting at least in upwards of a week if you're doing it on a hard drive and because of this there's moderate self-hosting resource requirements like I said before you're going to need SSD the Bitcoin blockchain itself I believe is going to be around like 650 gigs if you want to host it all yourself um in ethereum if you want to host a whole entire state of the ethereum network and run a full node that's going to be on the order of like two terabytes granted not everyone is going to be doing that there's lighter version and lighter clients that you can do to get around that but point being it's going

to take a lot of resources and uh you can also not really or are limited by the transaction size and storage so I talked about before about using this for command and control you can think of this as like a one-way Direction you're not going to be able to really exfiltrate data through a blockchain typically because it actually costs you money to write data to that blockchain right you have to pay miners fees in order for your data to be preserved on that blockchain Network now in ethereum's example you can actually read data from that blockchain for free so there's a number of public ethereum nodes which we'll talk about later in the talk where you can request data from

them and they will just happily answer that question for you as long as you're not writing a new state you're not writing any data to the blockchain so now we're going to dive into um you know what does a tech stack look like for an uncensorable application when I talk about tech stack I'm referring to a blockchain at each one of these different layers and let's start to think about how an adversary might use some of these to carry out a nefarious purpose so we're going to start with DNS DNS really here is only here for a clean UI ux experience it's a human readable it's human readable for visitors and implants like so this is where I talked about

previously where we've got namecoin which is using a decentralized DNS service and what we're going to be talking about later is handshake you can think of these as basically the same except handshake improves upon what was already done in namecoin next we're going to be talking about compute this is the real nuts and bolts where the financial logic and command and control is really going to exist and Thrive just for the purposes of this talk we're only going to be talking about ethereum and using that as a smart contract layer but you can use any type of smart contract platform that you know your heart desires they all have pros and cons to each of them and really this is the only

required layer at the time at this time meaning the DNS layer and the storage layer are really only to make it more human readable and provide a better UI ux experience for some of our customers that we'll go into later lastly it's uh storage so storage is going to be again for our UI ux experience and this is where we can actually deliver a complete HTML CSS JavaScript to a client so such that if you browse to one of these sites you're going to be able to host and render all of the that website that was delivered from a decentralized storage Network to your browser locally and this is going to include some web free

libraries that we're going to use in Integrations with ethereum such that you know if you want to create a ethereum transaction by hand to interact with some of the command and control that we talked about before it's incredibly technical to do so and so if you're trying to provide a service to people in a nefarious application you want to be able to attract people with a clean UI ux experience so that you can boost up those those numbers and get some higher margin so quick roadmap the first thing we're going to be talking about is a DNS name coin and handshake all right so blockchain based DNS I introduced namecoin before you can think of it as a

fork of Bitcoin with a few added op codes in order to support uh the DNS service that it is providing it uses a blockchain for a record of ownership where if you control the private key you're able to update records for any domain for for a DOT bit TLD on the name coin blockchain and those resolvers are going to look at that blockchain for a source of Truth it honestly it fell out of favor uh due to domain sniping and squatting with no intention to use so we talk about you know you see very common in this industry or in crypto really is people are buying things with an expectation that they're going to appreciate in

value they're speculating and name coin essentially became victim to that where uh people were coming in buying all of these domains and developers who actually wanted to build things on top of this platform found themselves unable to actually get domains that they would like and so it kind of fell out of favor and because it's open source and there's other projects out there they eventually went over to handshake so handshake essentially is the same premise as namecoin but with a few added benefits for instance it uses a victory auction to allow buyers to actually bid for tlds of their choice and when I say tlds of your choice I'm referring to any Unicode string that you can think of you

can own as a DOT TLD so it's pretty crazy to think about we'll talk about later how essentially like I tried to buy uh I tried to buy besides charm or b-sides as a you know a top level domain and it was already taken so didn't get it for this talk but I'm sure you guys can think of many other Unicode strings that you might want to own at a top level domain level and so this is essentially a decentralized root zone of trust uh pretty equivalent to that of icann uh while being interoperable with existing tlds so for instance you can't buy.com right at least not on the handshake um service so now we have blockchain

based uh censorship resistant domains and remember we can uh this can be locally run and verified with no Central Authority if I want to stand up my own handshake node I can do that right I can resolve my own queries on my own local network if I choose to trust third parties and all of the public ethereum or handshake nodes that are out there I can do that too there's a list of public resolvers that anyone can use and so this adds to the resiliency the uncensorableness because if anyone can stand up a server and you can leverage any of those public nodes then it's going to be much harder to take down as a whole and it's got an added benefit of

DNS over https so let's take a look at handshake since it's the most popular and the most user friendly so if you actually want to buy one of these tlds you're going to use something that's basically akin to an exchange so the one that I was using is called name base and on name base you can think of them as an auction proxy remember I talked about that Victory auction before well they provide a website for you to participate in that auction process in a very easy way so you're not creating the transactions yourself to on the handshake blockchain you're using them to create those transactions to purchase a TLD for you and for this instance I bought clippy

because look how cute he is I mean who doesn't love clippy and so uh on clippy um I am able to set uh send transactions to the handshake blockchain to um you know set an a record set a cname record text record and even Skylinks and when I say Skylinks we'll talk about that later when we talk about the storage layer but uh that's going to come in handy when we're trying to provide that clean UI ux experience for our decentralized and censorship resistant application and so if you look at the bottom here if you make a DNS request to a and that IP address that you see is actually a public handshake resolver one of many if you

specifically look clippy and specified any records you'll be able to see that hey there's some records in here that I set before right so you've got your a records your txt records there's actually you can see a misconfigured record that's the sky link that I'm talking about uh before and we now have a blockchain based censorship resistant domain at the TLD level all right so that's a high level uh talking about DNS next we're going to be talking about ethereum and the compute layer so very high level um looking at ethereum so ethereum is a smart contract platform and what this essentially means is that we can use a programming language for ethereum it is

solidity which you can see an example of some of that code on the left and it allows you to compile code and deploy it to the blockchain and you can then interact with that code and the functions that you've written through transactions so remember it's free to actually read data from the blockchain so if you create a function it might be a little hard to see the code but in the bottom you can see that there is a retrieve function which just returns a number this is a very simple program calling that function is going to be free it doesn't cost anything now if you actually want to write State such as the the store function here to store a

number that is where you're actually going to be paying a mining fee or transaction fee alongside providing the parameter to that function of whatever number that you'd like to store we also um so you can't store small amounts of data the more data you store the more expensive it's going to get and we also have the ability to emit events when functions are called so you can think of this like Pub sub where if I have a program I can hook a specific function uh on a smart contract wait for an event to be emitted and then my program can take an action based on that fitted event emitted event and I can do this through any number of

those public ethereum nodes again going back to you know the decentralized nature of this this is all peer-to-peer there's 2400 public get nodes which is a version of ethereum and um we'll be able to answer uh those uh questions depending on how they're configured so if I want to get a specific value in a smart contract I can essentially ask any public ethereum node hey what's the value in that specific function so now we're going to talk about um I know we've introduced introduced smart contracts how can we use these for command and control how can a botnet take advantage of something like smart contracts to add that layer of resiliency and really take advantage of

those uh the positives on the blockchain properties that we talked about previously so in the bottom left we have our threat actor here and that threat actor is going to create a smart contract and inside this smart contract they're going to put some functions in there such as you know writing state for I want you to execute this command for a bot to later pick up and read the value of that variable right so they're going to deploy the smart contract to the ethereum blockchain next they're going to create their botnet right they're going to infect some posts they're going to put a specific implant on those hosts which will be able to read ethereum and that

specific smart contract that implant is then going to look out to the open internet either scanning or through a hard-coded list and start finding all of these public ethereum nodes there's uh you know thousands of them out there and it's going to leverage them and connect to one um seemingly at random And subscribe to that specific omitted event right it's going to look in the smart contract say okay when this function is called I'm going to do something I'm going to execute a command and it's going to subscribe to those events in that contract next the threat actor is then going to you know issue a command right it's going they're going to create a

transaction which is going to set a value in that smart contract once that has been set the event gets emitted and flows all the way back down to the that compromise botnet which is then going to pick up that event and execute whatever command or instruction was put forth by the bot master there so in this setup the botmaster doesn't need to host any of their own infrastructure right they're leveraging this this peer-to-peer network of public ethereum nodes in order for their implant to act and be censorship resistant right all of these transactions no individual or government agency is really going to be able to censor these transactions from hitting that ethereum Network so now that we kind of introduced

um the compute layer we'll take a look at storage and this is done through ipfs and the Scion Network and I'll explain both of those coming up here so let's take a look at the early stages of decentralized storage it's actually you know when it comes to ipfs it's been around for a little bit longer but the as far as pure blockchain based decentralized storage it's still a pretty like New Field there's still a lot of development going on and there's a particular problem that happens with a lot of these decentralized applications where if those of you who are familiar with ethereum and you know are referencing a bunch of tokens and you want to trade tokens and swap one token

for another you do that using a decentralized exchange and these decentralized exchanges the front end that HTML CSS JavaScript is actually hosted on typical Cloud providers your AWS your gcp your Azure and because of this that from a censorship perspective they can be taken offline right at least the front end can be taken offline not the back end compute layer of the application so that's kind of like the the base layer and problem here where there's still the ability to censor one layer of this decentralized stack so ipfs was kind of the first one to come on the scene and try to solve us um you can see by the link there where there's a uh you look towards the end of

the link this is an ipfs Gateway that's hosted by cloudflare and it introduces the content or concept of content addressed storage so I have a website I can effectively hash that website and then ask any public ipfs Gateway can you give me the data that exists at this hash and if they are storing it then they'll be able to serve that content and that you can do this by accessing accessing a Gateway that's closest to you however there's a problem with this and the problem is that these gateways are essentially run by the community to run for free right is someone you're essentially need to convince someone that your data is important enough to store and if you

can't convince anyone that means you have to host it yourself and this doesn't really fall in line with our ability to really have censorship resistant data because if there's a you know if you're the only one who's hosting it and you're the only one that cares about your application that's a single point of failure that can be censored so uh if you don't want to run a gateway then at least you have to convince someone else next we talk about how do we solve this we solve this using the Saya blockchain and this is where decentralized storage comes into play ipfs itself wasn't actually using a blockchain but now we're going to be moving this over to a

blockchain based system and Saya has two components to it Saya has renters and these are people who want to buy storage and they have hosts these are people who have a bunch of hard drives and are looking to sell the storage that they have to renters the renter will essentially sign a contract with the host where the host is advertising the price that they would like to sell storage at and they put up an amount of collateral such that they're essentially financially promising that they're going to store this data or risk losing that collateral if they fail a storage proof so the renter after signing a contract with the host can then begin uploading their data to a number of hosts this is

distributed depending on what redundancy level you're looking for I believe the default is 30 hosts but essentially you can choose every host in the network if you like because you're the one who's paying for it and the hosts are able to set storage and bandwidth pricing and the key difference here is the contracts which are very similar to ethereum Smart contracts which is how psya does this and storage proofs are what actually gets written to the blockchain so in a similar way like you're deploying an ethereum smart contract on the sci Network you're just you're deploying a storage contract and the data itself is actually stored on the host hard drives and not the blockchain so as long as someone is

paying for that data it will get stored right so if I I don't need to host any infrastructure myself if I choose not to someone else is doing that for me but I'm paying them in the form of psiacoin in this instance currently there are 723 hosts storing about you know 2.6 petabytes of data with a total network capacity of a 7.8 petabytes and so when we talk about okay how is this data stored at a very high level it's uses something called Erasure coding and we have Bob here and Bob is going to take that file that uh he wants stored and split it up into a bunch of different chunks and and uh redundant

chunks I might add and each one of these chunks is going to be encrypted and uploaded to three hosts 100 hosts however many hosts that really Bob chooses and Bob is going to set essentially a redundancy scheme such that there are only 10 of let's say 60 hosts need to be online for Bob to recover their entire file so you know if a couple hosts go down that's fine you can essentially keep the file health healthy by propagating it to more hosts over time so how many of you have heard of Firefox scent I loved Firefox end very easy sharing a file sharing platform unfortunately Mozilla took it offline and they took it offline because as you might guess

people were storing malware on it and serving malware from it it allowed you to locally encrypt a file uh upload it to their platform and have someone else by sharing a link uh download and decrypt that file so this is kind of like uh what Skynet now comes in and it fills this neat so it's file sharing built on top of Saya so it uses the that psya host uh Marketplace that I talked about previously and now we get essentially ipfs file sharing backed by a blockchain and it's done instead of you know trying to convince someone to store your data you can now pay someone to store that data for you unlike ipfs so as long as

one person is paying to pin that content to the network it doesn't have to be you it could be someone else that content will continue to exist because those hosts are receiving payments to store it and they're financially incentivized to keep storing that data as long as they're receiving payments so this allows us to share anything right we can even share folders of content to include static websites and you might see where I'm starting to go with this so um giving a little bit of a preview you'll see the link and I've got some highlights underneath here where the beginning portion of that link is actually where it's integrating handshake so remember I talked about

having your own top level domain on the handshake blockchain well in this case someone purchased a sky send on the handshake blockchain the link here provided the second the green section is saying we're going to specify the handshake protocol protocol and then in the blue section you see sciasky.net and this is very similar to and what exists at the site is very similar to ipfs gateways this is a portal which is essentially going to be proxying the request for you going out to that host Network and retrieving the file that you are providing that hash for right so again you don't have to trust this science guy.net to go and fetch those files for you on this is blockchain you

can host this infrastructure yourself so again adding to the resiliency adding to the self verifiableness so if we go here let's open it up quickly you see this is uh very similar to Firefox scent right this is all served you know when I talk about those that host Network what uh what's Happening Here is science guy.net is reaching out to that host Network it is grabbing all of the HTML CSS JavaScript that is deployed out on that Network it is getting it together for us and then serving it to us in a way that the browser can render right so now I can upload a file to this decentralized website I can um essentially have it be

self-encrypted and then share that file with someone else that I would like to right and again this is I don't trust anyone in this whole exchange if I want to host all of this infrastructure myself if I want to you know not trust science guy.net I can host this myself

and you'll see down here right so there's a number of different uh portals that you can go to so when I talk about content address storage uh in this instance you know you can go to sciasky.net or I can go to fileportal.org I can provide that same you know Sky send TLD to this protocol and I get the same website so again it shows the interoperability where I can go to any number of these public nodes and get the same result so now we're going to put this all together you know I talked about having a DNS layer which is stored by a blockchain a compute layer which is backed by ethereum and then a storage

layer where we can actually deliver a user experience a client experience in a way that they don't need to trust anyone so we're going to dive into one of the nefarious applications that I came up with which is distributed distributed denial of service as a service you know you're a bot master you've got some Bots you want to sell denial of service services to get a higher margin instead of your crypto jacket right but the problem is you don't trust anyone and so what you might be able to do is leverage an uncensorable stack to sell your botnet services to someone without having to trust you at all so you know shut up and take my money

let's go let's get into it so we're walking you through it um this is we're going to go from the perspective of the bot master right how are they going to sell this service right they've got a botnet they want to monetize it and they want to monetize it in a trustless way so first off they're going to deploy a smart contract right they're going to deploy to the ethereum network like I talked about previously they're going to have some functions in there and one function is going to say um anyone can call this function and if they're called with you know a value that's greater than 0.1 ether then and is provided a domain then the bot will

go and pick up that domain and begin a denial of service on it so now that that botmaster is going to compromise a bunch of hosts right you need you need in some resources to actually begin your denial of service attack all of those hosts like I talked about previously are going to scan the internet they're going to find some public ethereum nodes to visit and they're visiting them with the intent to subscribe to that function in that smart contract such that if someone does you know place an order to denial of service a website those Bots are going to be able to pick up that order because they subscribe to that function next um we're going to bring in the storage

and DNS layer where our threat actor is going to deploy a website right so they're going to deploy a website where it's static where anyone can be able to visit it using local infrastructure that they're running themselves and they're deploying this website to provide a clean UI ux experience to make it easy for their customers and lastly they're going to buy that handshake domain right so it gives them a human readable domain that they're able to advertise on you know their um malicious Forum or you know rest in peace rate forums whatever Dark Net Market Forum you want right so they're going to be able to advertise their website hey say no don't worry about it

go right here you're going to be able to buy some denial of service services now let's look at it from the buyer's perspective right for them it's going to be pretty easy right they're going to connect to a Skynet site remember they don't have to host any of they can choose to host this infrastructure if they want they don't have to trust the site that they're visiting um next the website is then going to provide a clean UI ux experience for them to create a transaction right they don't need to be that technical all they really need to do is know how to download metamask and buy submit Theory the website is going to help them create

a transaction and what's going to be in that transaction is you know a fee to pay for the service as well as the domain that they would like to denial of service once that transaction is submitted then that um the bot is going to get that event right it's already subscribed to that function it's like cool someone just paid for a server so I'm ready to go I'm ready to rock let me start denialing of service that website and you notice all of this was done without any intermediaries right the contract exists on that ethereum Network the um the botmaster didn't have to approve anything it doesn't take anything there's no interactions or trusting parties between these sellers right it

can be done in a way such that the buyer of service may only pay for a very small amount of uh denial of service capacity to just prove out that yeah in fact there is a botnet behind this right they can scale up or scale down depending on how much they trust the service and slowly build up trust with more payments and more credibility within the smart contract platform so um you've got a seller service which essentially amounts to this smart contract right smart contract is what's doing the heavy lifting here and you have the buyer of that service which is essentially just going to have that uh wallet now hopefully we'll see so as I

talked about before I bought clippy so let's gonna see if we can demo this for you there's a small chance this might not work looks like uh it did not update the h s portion because unfortunately blockchains are slow and I was making some edits before this talk but don't worry we've got without the human readable domain but still hosted on the decentralized storage Network we have our welcome to evil Corp this is a functional trustless denial of service e-commerce platform and what you're going to do is you go down to here and say okay well you know again I can host this infrastructure myself and visit it so how do we actually buy these Services

go ahead and install metamask you buy some ethereum you know you pay the fee and provide a domain to begin denial of servicing and the Bots will take care of the rest so go back up here we'll go ahead and I'm going to act as the buyer in this situation so I've got my metamask wallet and you'll see up here I have some test net ether in here don't worry this is unreal and I'm going ahead and just click connect metamask and you're going to have a pop-up saying yep I'd like to connect to the site I'd like to begin to send transactions to this site so we hit next and we're going to improve the connecting of our metamask

wallet to this specific website I'm going to provide a domain to denial of service so anyone from the crowd want to shoot out some domains I'm not actually analysis servicing anyone here you got Google all right so we have google.com we're going to do is we're going to go over to our implant right so this is mocking our botnet here

so now our implant is running right this this is a um you know this is our botnet this is what's running out on the sphere right independence of whatever the buyer is going to be doing so let's pop back over to our evil Corp site we have Google so now we're going to click fire away right I don't need to know anything about what is essentially going to be um happening as a transaction on the back end we have a little pop-up here that says hey there's a transaction as you'll see it's going to cost 0.1 ether this was crafted for me by the JavaScript that exists at this website and I can go down

and say yes I would like to confirm this transaction and provide the that domain to the service so you see down here I've got it set so that we can see the transaction hash and we can keep an eye on this as it begins to make its way through the ethereum network so as I said one of the downsides of blockchains is that they can be slow um we expect that this will take maybe 15 to 30 seconds to actually propagate through the ethereum test net to be verified and put in and included into a block by miners and once this does go through that function is going to emit an event saying hey this is the domain that was

provided and then our bot our implant is going to pick up that job and start beginning to denial of service in this case google.com so I'm going to pause here while we're waiting um is there any questions at this point in time while we're waiting for the blockchain to do its thing

unfortunately this is one of the things you can't pay too much to speed up you can increase the transaction fee uh saying that essentially it's your Disney fast pass you want to get to the front of the line you spend a bit more money in order to be included in the very next block but the um the Dynamics on the test net aren't exactly the same as on the mainnet um mainly because there's no real Financial incentive to uh you know be faster because essentially we're just playing with fake money here you know these are casino chips on the test net

worth

yeah so the question was uh so why aren't uh you know threat actors just using a test net instead of the mainnet right it doesn't actually cost anything and the problem is that if the threat actor wants to get paid in some currency that has real value they're going to need to do it on a network that where that value exists right so I can buy some tetan SD but they can't actually cast that in for anything at the end of the day and here we go so we've got a success so if I pipe back over you'll see that my my bot picked up that job that admitted event that came for google.com and made

in this case it just made some DNS queries to say okay um you know what is your a record for google.com if we pop back over to the transaction itself uh and check the logs this was the event that was actually emitted right you can go to any public blockchain Explorer and take a look at this and we'll scroll down here sure have my cookies love cookies we'll go to this third hex value we'll convert it to text and we'll see that okay this is actually the google.com that that user provided was is now existing on the blockchain right that exists in the state on the ethereum network that our implant actually picked up and was able

to execute on

so um that was kind of like you know one of the things I thought of on how a threat actor might begin to you know monetize their botnet in a way that they don't really need to trust anyone as a reminder the whole that whole process that we saw with having a human readable domain being able to uh rely on a decentralized storage Network me as a buyer of that service I don't have to trust any third party I can host all of that infrastructure myself and access that same content that we just saw here um through blockchain infrastructure right so virtually um being able to be pseudo-anonymous and doing so and we start to look in the future it's

like okay uh this has been talked about a little bit what happens about automated ransomware payments right what happens if um a smart contract can be deployed in such a way that you can provably um receive a decryption key right so you can use a Smart contract an operator can trustlessly sell their victims a decryption key for money a victim can send some money to a Smart contract like we just saw with a guarantee that they will either receive the decryption key to receive their data or get their money back you know the victim does not have to trust the person who hacked their computer they're trusting the smart contract the contract itself you can

verify it can be essentially what amounts to open source but open source in such a way to where you can guarantee that what you're executing is what you expect to execute and um you can also trust that smart contract will handle the exchange fairly so an example of this you know when we bring it back to like CTI the Conti ransomware group was actually talking about and looking into different blockchain based platforms on how do they start maximizing their their returns they didn't talk about automated ransomware specifically but it goes to show that these adversary and ransomware groups are beginning to explore what blockchain technology has to offer for them so that they can level up their

tradecraft and this technology has been talked about before it's not exactly new uh in the kind of offensive blockchain space to think about automated ransomware payments uh there's a blog post by uh Jeffrey Ladish that goes into you know how a third actor might actually begin to build this it doesn't reveal the whole thing but uh rest assured that technology exists today if someone was officially motivated enough they could create it and that kind of like begs the question why haven't we seen ransomware you know automated payments coming from Smart contracts for ransomware and really it's it's um you know uh pretty simple if it's not broke don't fix it you know these ransomware gangs are taking in um

Millions tens of millions hundreds of millions of dollars in some cases and what they're doing is working they already built out a whole bunch of victim infrastructure uh to support their ransomware activities they have chat surfaces where you're going to uh tour chat um or going to onion sites on tour connecting to these chat rooms and talking to their uh what amounts to support reps directly they have uh support phone lines that you can call where you can actually talk to someone and there's this very interesting dynamic between relation the relationship between ransomware operators and ransomware negotiators where The ransomware Negotiator it has like effectively built a relationship with the operator over time they know

like um and have essentially said okay what we expect a certain payout to be based on a company's level of Revenue so there's an interesting Dynamic there another reason why we haven't seen this is likely because it's a very technical Tech stack if you already um if anyone has seen you know the way that some of these ransomware um uh gangs operate it's not exactly the you know latest and greatest in terms of ttps a lot of um you know copy pasting Powershell commands um not really understanding how to use even like Cobalt trike effectively and really just uh cobbling together what they can to hopefully um provest and laterally move their way to the domain controller and push out

some random ransomware and attack stack itself when we talk about smart contracts is incredibly vulnerability prone so it's seemingly every week every two weeks there's another 100 million dollar hack in some D5 platform why would they want to expose themselves to that risk if this isn't really their subject matter area of expertise however and this is the you know that verified contract source code that I talked about previously where you can essentially verify that a contract is going to do what you expect it to do such as reveal a decryption key to you provided you provide some payment however I'll kind of like pose a question to the room and for you guys to think about

um you know when you go home after this conference is How likely are you to pay um to pay out to a verifiable contract you know does it change the calculus in terms of um the likelihood of paying out to a ransomware gang if you can provably guarantee that you will get the decryption key associated with your encrypted files right you don't have to trust them you're trusting a contract what's the impact on ransomware and cyber insurance companies if you can get a guaranteed um you know decryption key what do those policies start to look like and where do those relationships go so lastly because we talked about you know adversary tradecraft how threat actors are likely to use this technology

in the future definitely want to include some slides about defense and monitoring so a network is only as strong as the number of nodes and the consensus mechanism I talked about previously So currently as it exists the storage now uh the decentralized storage layer and Skynet are the weakest links there's only a couple you know portals that I talked about there which are the equivalents of ipfs gateways and that makes it such that you know if a government entity wants to come in and shut down one of these denial or service platforms there's not that many targets that they have to go visit right there's a you know probably less than 20 of these portals out there shouldn't be too

much work for uh one entity to take them all down and lastly or next we have de-anonymization via existing blockchain uh tracing Solutions such as ciphertrace and chain analysis so the purpose of these vendors and products is to attempt to cluster certain types of transactions together right so they can bucket saying okay this is a bunch of darknet Market activity or a um this is a bucket of exchange activity like this is like coinbase addresses this is raid Forum addresses you know this is a decentralized exchange and the purpose of this is to begin to map out all of these pseudo-anonymous identities such that if you're able to identify one of those addresses belonging to an

individual you can then essentially work your way backwards to say okay well this individual also exchanged money at binance in addition to coinbase that gives you another Target that you can subpoena to try and get more information about what IP address they were coming from hopefully trying to find a hole in the opsec that they were carrying themselves out the goal here for law enforcement is to get to the operator in most cases you're not going to be able to fight with these uncensorable Technologies themselves in the same way that you know if you're dealing with an encrypted file uh an easier way is to try and get the private key and you get the private Key by getting to the

operator next we look at the implant component so this is you're going to be your typical endpoint monitoring so implants and malware are going to have signatures for scanning those public nodes I was talking about previously when a host is going out to trying to identify those ethereum nodes or handshake nodes that's something you can fingerprint on that's something that you can prevent from leaving your network and those public nodes can also be enumerated by you right so the malware is doing it in this case but there are Services out there um such as you know showed an incensus where you can keep tabs on how many public ethereum nodes and what are the IP addresses of those ethereum nodes

such that you can block them in Neo real time on your own networks as soon as they come up and this the last bullet point here is mainly for decentralized DNS any non-icand supported TLD should just be blocked outright you know if you see a host going to just clippy and not like.com uh that should be a pretty pretty big red flag and lastly you know rounding out uh blackfy's hiring um these are some of your open positions I'm going to be around you know in the back here if you're interested in doing some of this stuff uh essentially a lot of this uh that you saw today was me working on my free time

but the more um that there's going to be adversary activity happening uh the more you're going to see some of these blockchain companies uh want to get on chain monitor for this activity and start fingerprinting you know what exactly does an ethereum smart contract command and control look like right can we go back through the history of ethereum and see have any of these contracts already been deployed if we have a general sense about how they look on the blockchain and with that we've got seven minutes left here um Noah fire host a lot um jump into some q a

so I end in the back

yeah so I would say in terms of um and so the question was um are are what other uh nation states and what types of nation today's activities are actually using this blockchain technology um I would say it's still very new for them to use the core you know blockchain infrastructure itself um it's very common for you mentioned North Korea um as one you know grouping of activity to Target these exchanges another one is Russia right now because of the Russian Ukraine conflict we saw their activity uh die down drastically mainly because they're diverting their resources to that conflict um but you know in the same way you know why do they want this cryptocurrency

they their goal is to get as much cryptocurrency as possible to help them avoid sanctions right if they can purchase um you know goods and services that they need in the cryptocurrency of their choice that's um in some instances not all instances harder to trace in terms of sanctions so you have a question sir

[Music] yeah so uh question is um Can smart track contracts effectively like be removed and essentially if you own the contract there is a self-destruct function you can call such that um no or any transactions that go to that smart contract are going to be null and void but that contract still exists you can't actually like remove the contract itself from the blockchain it's already has that written record there what you'll see is some fancy um you know D5 developers what they tend to do is they'll build in a like migration function so if they want to upgrade whatever decentralized protocol that they've built in a smart contract they'll create a function that essentially is a pointer record to a new

contract at a later point in time so when I talk about you know blockchains being append only if you want to you know stop using an old smart contract you essentially by doing so just need to point to a new one but you can't you can't just flat out like remove that existing smart contract that was already deploy it in the back

another observation is amazing related to the numbers exfiltration so you decrypt your data but then they hold your data and then they come back and they'll pay us more but then export you again yeah it's definitely not going to stop like that double extortion problem I think in terms of like not um you know giving all of your keys back to you I think some ways and again the the ransomware operator in this instance is incentivized to make as much money as possible and so a scheme that they might end up using is for every individual file they might have a unique decryption key for that specific file and for every file that has that key you can

essentially submit that individual key to that smart contract so over time you know you can verifiably decrypt all of the files that have been exfiltrated so again their goal is to get as much margin on this as possible foreign

contract would be able to be able to store sort money or the more kind of like in the front of the cyber he's gonna so are you talking about when you say uh pre-mint are you talking about um folks who are deploying uh smart contracts with known vulnerabilities in them to like exploit at a later point in time or yeah

interesting no I haven't heard about that specifically um but one of the interesting in terms of uh just very quickly on uh nfts and hacks around them openc had a vulnerability where essentially being able to inject some JavaScript code to create you know when I bring up my metamask wallet create a transaction for you that will automatically be approved and send your nft from one user to another so that's another way that adversaries are trying to get some uh you know in this case nfts siphoned out of their accounts

all right I think we can uh wrap up a little early thank you all for coming and uh enjoy the rest of your weekend