Research: Bitcoin is three times more evil than the Internet

Posted: 10 May 2018 6:54 pm
shutterstock hacker hacking 450x250

That's on average. It gets up to ten times as evil on its bad days.

Tech vulnerability management company Rapid7 likes to take a proactive focus on risk management. Much like some police forces load unlocked camera-filled "honeypot" cars with goodies, and leave them lying around for thieves, Rapid7's Project Heisenberg set up honeypots around the digital world, to see who comes knocking.

The data gathered by these honeypots, in conjunction with Rapid7's Sonar Project and BitNodes, led analysts to conclude that bitcoin is about three times more evil than the Internet (IPv4) average, on its good days. On bad days it was about ten times more evil.

Evil, in this case, refers to the number of bad actors trying to connect to Project Heisenberg's digital honeypots. There's no reason for them to initiate unsolicited contact with those nodes, so it can probably be safely assumed that their intentions are malicious. For example, probing for vulnerabilities or trying to guess passwords.

On the whole, that's really not very evil at all. Bitcoin is purely for transferring and creating monetary value, so it's much richer territory than the Internet as a whole and will naturally attract more attempted thieves. That it's only 3 to 10 times more evil than the Internet average is quite refreshing, given its reputation as a dangerous digital wild west.

The analysts also broke down the nodes by region, to try to get an understanding of where the most evil traffic was hanging out.

In hard numbers, the top offenders that connected to Project Heisenberg honeypots tended to heavily mirror the overall node population by location.

This isn't entirely unexpected, although relative to the total discovered node population a slight emphasis on certain areas appears. For more interesting results, the researchers decided to weight it by number of connection attempts adjusted for node population differences by region.

It's a fairly dramatic shift, essentially showing that Russian bitcoin-connected nodes were extremely "chatty" as the researchers put it, and suggesting some downright weirdness from the island of Curaçao (population 160,000) that the researchers didn't hazard a guess at construing. Overall, the percentage of bitcoin nodes behaving badly was 0.6% on a typical day or up to 2% on a bad day.

With so much money, or "money," involved in the cryptocurrency space there are plenty of reasons for attackers to persevere. Even a slim chance of walking away $500 million richer makes probing well worth it.

DDoS attacks, a classic type of spam attack, have also been upgraded for the crypto age. A couple of months ago the world witnessed the largest DDoS attack in history, with a Monero ransom demand embedded in it.

However, the researchers note that vulnerability proving and theft attempts aren't the only reason to shake hands with a honeypot. Because bitcoin nodes power the network, anyone who wants to attack the bitcoin network as a whole will focus efforts on the nodes. This might account for a kind of steady undercurrent of evilness on bitcoin. It's not clear what the typical evil watermark for that is though.

Disclosure: At the time of writing the author holds ETH, IOTA, ICX, VEN, XLM, BTC, NANO

Disclaimer: This information should not be interpreted as an endorsement of cryptocurrency or any specific provider, service or offering. It is not a recommendation to trade. Cryptocurrencies are speculative, complex and involve significant risks – they are highly volatile and sensitive to secondary activity. Performance is unpredictable and past performance is no guarantee of future performance. Consider your own circumstances, and obtain your own advice, before relying on this information. You should also verify the nature of any product or service (including its legal status and relevant regulatory requirements) and consult the relevant Regulators' websites before making any decision. Finder, or the author, may have holdings in the cryptocurrencies discussed.

Latest cryptocurrency news

Picture: Shutterstock

Get into cryptocurrency

Ask an Expert

You are about to post a question on

  • Do not enter personal information (eg. surname, phone number, bank details) as your question will be made public
  • is a financial comparison and information service, not a bank or product provider
  • We cannot provide you with personal advice or recommendations
  • Your answer might already be waiting – check previous questions below to see if yours has already been asked

Finder only provides general advice and factual information, so consider your own circumstances, or seek advice before you decide to act on our content. By submitting a question, you're accepting our Terms of Use, Disclaimer & Privacy Policy and Privacy & Cookies Policy.
Go to site