#CyberSecurityPulse: Guess Riddle… How Is Information Stored In a Bitcoin Address?

ElevenPaths    23 January, 2018

As we have seen in a previous post on the ElevenPaths blog, the OP_RETURN field of a Bitcoin transaction is used to store a small portion of information (up to 80 bytes). It is usually used to timestamp information, taking advantage of the fact that Bitcoin is distributed and replicated throughout the network. Numerous projects build use cases on it to certify that something has happened, such as the Proof of Existence project, to validate academic certificates, or even to publish the commands to be executed by the infected nodes of a botnet. However, did you know which technique was used before 2013 to store information in the blockchain?

For this purpose, Bitcoin addresses were used (and still are). After all, an address is nothing more than a text string encoded in Base58Check that carries up to 20 bytes of useful data, corresponding to the hash of the public key associated with the address. Knowing this, small amounts were sent to arbitrarily generated addresses, for which no private key is therefore known. As a consequence, the balance sent to those addresses can never be spent, but at least the operations are guaranteed to be stored in the blockchain.

With this in mind, we propose a challenge. Go to the following transaction and try to identify the address that starts with '15g'. Next, check whether it is a valid address (it should be, because it is in the Bitcoin blockchain!). Then decode it from Base58 to hexadecimal. Finally, decode it from hexadecimal to ASCII characters. Can you tell what information was stored in that transaction issued five years ago?
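The steps of the challenge (validate the address, Base58 to hexadecimal, hexadecimal to ASCII) can be scripted. The following is an added example, not code from the original post: it also shows the reverse direction, packing a message into an address, and all function names and the sample message are constructed for illustration.

```python
import hashlib

ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"

def checksum(data: bytes) -> bytes:
    """Base58Check checksum: first 4 bytes of SHA-256(SHA-256(data))."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()[:4]

def b58encode(raw: bytes) -> str:
    n, out = int.from_bytes(raw, "big"), ""
    while n:
        n, rem = divmod(n, 58)
        out = ALPHABET[rem] + out
    # Each leading zero byte is written as a leading '1'.
    return "1" * (len(raw) - len(raw.lstrip(b"\x00"))) + out

def b58decode(text: str) -> bytes:
    n = 0
    for ch in text:
        n = n * 58 + ALPHABET.index(ch)  # ValueError on a non-Base58 character
    zeros = len(text) - len(text.lstrip("1"))
    return b"\x00" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")

def message_to_address(message: bytes) -> str:
    """Place up to 20 bytes where the public-key hash normally goes."""
    if len(message) > 20:
        raise ValueError("an address carries at most 20 bytes")
    body = b"\x00" + message.ljust(20, b" ")  # 0x00 = version byte of '1...' addresses
    return b58encode(body + checksum(body))

def address_to_payload(address: str) -> bytes:
    """Validate the address and return its 20-byte payload."""
    raw = b58decode(address)
    if len(raw) != 25 or checksum(raw[:-4]) != raw[-4:]:
        raise ValueError("not a valid Base58Check address")
    return raw[1:-4]

def printable(payload: bytes) -> str:
    """ASCII view of the payload; non-printable bytes are shown as dots."""
    return "".join(chr(b) if 32 <= b < 127 else "." for b in payload)

if __name__ == "__main__":
    sample = message_to_address(b"constructed message")  # constructed input
    payload = address_to_payload(sample)
    print(sample, payload.hex(), printable(payload))
```

To work on the challenge, pass the '15g' address from the transaction to address_to_payload and then to printable.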

The way information is stored in a blockchain has evolved over time according to the needs of developers. But here, too, the debate often shifts from the technical to the philosophical. New functionalities have also generated much debate about the way forward, since adopting them has implications that may call into question the original meaning of some projects. Consensus is not always possible.

Top Stories

The US Global Surveillance Bill Has Been Signed by President Trump

The U.S. legal framework for domestic surveillance has been signed by President Trump, one day after the Senate approved it with 65 votes against 34. Privacy and civil rights advocates have long criticized Section 702 of the Foreign Intelligence Surveillance Act (FISA), which allows US intelligence agencies to conduct domestic surveillance under certain conditions without a warrant. Section 702 allows the NSA to conduct warrantless spying on foreigners located abroad, including any communications with US citizens.

More information at House.gov

Russia-linked hackers targeting US Senate

Russian hackers from the group known as Fancy Bear are targeting the U.S. Senate, according to Trend Micro. Beginning in June 2017, phishing sites were set up mimicking the ADFS (Active Directory Federation Services) of the U.S. Senate. By looking at the digital fingerprints of these phishing sites and comparing them with a large data set that spans almost five years, the researchers could uniquely relate them to a couple of Pawn Storm incidents in 2016 and 2017. Attribution is extremely tricky in the world of cybersecurity, where hackers routinely use misdirection and red herrings to fool their adversaries. But Trend Micro, which has followed Fancy Bear for years, said there could be no doubt.

More information at TrendMicro

Rest of the Week's News

Hackers Exploiting Three Microsoft Office Flaws to Spread Zyklon Malware

FireEye researchers recently observed threat actors leveraging relatively new vulnerabilities in Microsoft Office to spread Zyklon HTTP malware. Zyklon has been observed in the wild since early 2016 and provides myriad sophisticated capabilities. Zyklon is a publicly available, full-featured backdoor capable of keylogging, password harvesting, downloading and executing additional plugins, conducting distributed denial-of-service (DDoS) attacks, and self-updating and self-removal.

More information at FireEye

Skype Finally Adds End-to-End Encryption for Private Conversations

Dubbed Private Conversations, the new feature that is about to be introduced in Skype will offer end-to-end encryption for audio calls, text, and multimedia messages such as videos and audio files. Private Conversations is already available in the Skype Insider program, a platform that allows Skype users to test new features before they are rolled out to the rest of its more than 300 million users worldwide.

More information at Microsoft

Triton Malware Exploited a Zero-Day Flaw in Schneider Triconex SIS Controllers

In December 2017, new malicious code dubbed Triton was discovered by researchers at FireEye. The industrial giant Schneider has found that the Triton malware exploited a zero-day vulnerability in the Triconex Safety Instrumented System (SIS). Schneider's initial analysis ruled out that the hackers had leveraged any vulnerabilities in the target products, but the vendor has now discovered that Triton exploited a flaw in older versions of the Triconex Tricon system.

More information at Security Affairs

Further Reading

Nearly Half of the Norway Population Exposed in HealthCare Data Breach

More information at The Hacker News

Flaw in Popular Transmission BitTorrent Client Lets Hackers Control Your PC Remotely

More information at Chromium

A Hospital Victim of a New SamSam Ransomware Campaign Paid $55,000 Ransom

More information at Security Affairs
