The blockchain, the public ledger of transactions in cryptocurrencies such as bitcoin, could be used as a safe haven for hosting illegal data, including child abuse images, according to cybersecurity experts.
A new report, published by Interpol cyber threat researchers including a Kaspersky Lab expert, has found a flaw in blockchain, as hackers could embed malware or other illegal data within virtual currency transactions.
“Depending on the cryptocurrency and its protocols, there is a fixed open space on the blockchain – the public ‘ledger’ of transactions – where data can be stored, referenced or hosted within encrypted transactions and their records,” Kaspersky Lab says in a statement.
“The design of the blockchain means there is the possibility of malware being injected and permanently hosted with no methods currently available to wipe this data. This could affect ‘cyber hygiene’ as well as the sharing of child sexual abuse images where the blockchain could become a safe haven for hosting such data.”
In addition, the open space could be used to deploy modular malware, to conduct zero-day attacks, and create illegal underground marketplaces dealing in private keys.
“Having identified this threat, it is now important for INTERPOL to spread awareness amongst the public and law enforcement, as well as encourage support from communities working in this field to find solutions for the potential blockchain ‘abuse’,” said Noboru Nakatani, executive director at Interpol unit Global Complex for Innovation.
“We hope that bringing potential problems to light now will help in improving such technologies in the future and will make it more difficult for them to be used for any malicious purpose,” said Vitaly Kamluk, principal security researcher at Kaspersky Lab.