Research: Bitcoin is three times more evil than the Internet
That's on average. It gets up to ten times as evil on its bad days.
Tech vulnerability management company Rapid7 likes to take a proactive focus on risk management. Much like some police forces load unlocked camera-filled "honeypot" cars with goodies, and leave them lying around for thieves, Rapid7's Project Heisenberg set up honeypots around the digital world, to see who comes knocking.
The data gathered by these honeypots, in conjunction with Rapid7's Sonar Project and BitNodes, led analysts to conclude that bitcoin is about three times more evil than the Internet (IPv4) average, on its good days. On bad days it was about ten times more evil.
Evil, in this case, refers to the number of bad actors trying to connect to Project Heisenberg's digital honeypots. There's no reason for them to initiate unsolicited contact with those nodes, so it can probably be safely assumed that their intentions are malicious. For example, probing for vulnerabilities or trying to guess passwords.
On the whole, that's really not very evil at all. Bitcoin is purely for transferring and creating monetary value, so it's much richer territory than the Internet as a whole and will naturally attract more attempted thieves. That it's only 3 to 10 times more evil than the Internet average is quite refreshing, given its reputation as a dangerous digital wild west.
The analysts also broke down the nodes by region, to try to get an understanding of where the most evil traffic was hanging out.
In hard numbers, the top offenders that connected to Project Heisenberg honeypots tended to heavily mirror the overall node population by location.
This isn't entirely unexpected, although relative to the total discovered node population a slight emphasis on certain areas appears. For more interesting results, the researchers decided to weight it by number of connection attempts adjusted for node population differences by region.
It's a fairly dramatic shift, essentially showing that Russian bitcoin-connected nodes were extremely "chatty" as the researchers put it, and suggesting some downright weirdness from the island of Curaçao (population 160,000) that the researchers didn't hazard a guess at construing. Overall, the percentage of bitcoin nodes behaving badly was 0.6% on a typical day or up to 2% on a bad day.
With so much money, or "money," involved in the cryptocurrency space there are plenty of reasons for attackers to persevere. Even a slim chance of walking away $500 million richer makes probing well worth it.
DDoS attacks, a classic type of spam attack, have also been upgraded for the crypto age. A couple of months ago the world witnessed the largest DDoS attack in history, with a Monero ransom demand embedded in it.
However, the researchers note that vulnerability proving and theft attempts aren't the only reason to shake hands with a honeypot. Because bitcoin nodes power the network, anyone who wants to attack the bitcoin network as a whole will focus efforts on the nodes. This might account for a kind of steady undercurrent of evilness on bitcoin. It's not clear what the typical evil watermark for that is though.
Disclosure: At the time of writing the author holds ETH, IOTA, ICX, VEN, XLM, BTC, XRB
- Global currency, recession and Bitcoin, part 2: Creating a global reserve currency
- Bitcoin bubble of 2017 was deliberately popped, former CFTC chair says
- Why BSV prices jumped 20% today, and the Lightning Network vulnerability explained
- Bitcoin mining farm in Rockdale, Texas has potential to be world’s largest
- Binance adding RUB fiat trading, may add EUR and GBP next