Security Researchers Identify Malware Threat to Virtual Currencies

Singapore – March 26, 2015 – INTERPOL cyber threat researchers, including a Kaspersky Lab expert, have identified a threat to the blockchain in virtual transactions that could result in them being embedded with malware or other illegal data, including child abuse images.

Depending on the cryptocurrency and its protocols, there is a fixed open space on the blockchain - the public 'ledger' of transactions - where data can be stored, referenced or hosted within encrypted transactions and their records.

It is this open space which was identified as the potential target for malware by experts, an INTERPOL officer and a seconded specialist from Kaspersky Lab, in the Research and Innovation unit at INTERPOL's Global Complex for Innovation (IGCI).

The design of the blockchain means there is the possibility of malware being injected and permanently hosted with no methods currently available to wipe this data. This could affect 'cyber hygiene' as well as the sharing of child sexual abuse images where the blockchain could become a safe haven for hosting such data. It could also enable crime scenarios in the future such as the deployment of modular malware, a reshaping of the distribution of zero-day attacks, as well as the creation of illegal underground marketplaces dealing in private keys which would allow access to this data.

"To conduct this type of research and identify new cyberthreats were among the key aims behind the creation of the INTERPOL Global Complex for Innovation," said IGCI Executive Director Noboru Nakatani.

"Having identified this threat, it is now important for INTERPOL to spread awareness amongst the public and law enforcement, as well as encourage support from communities working in this field to find solutions for the potential blockchain 'abuse'. In addition to our own experts, the research was conducted with support from a specialist from Kaspersky Lab based at the IGCI which again underlines the value of sharing expertise between the public and private sectors," added Mr Nakatani.

"The core principle of our research is to forewarn about potential future threats coming from decentralized systems based on blockchains. While we generally support the idea of blockchain-based innovations we think that's it is our duty, as a part of security community, to help the developers make such technologies sustainable and useful for the purpose they were intended for. We hope that bringing potential problems to light now will help in improving such technologies in the future and will make it more difficult for them to be used for any malicious purpose," said Vitaly Kamluk, principal security researcher at Kaspersky Lab.

The research was unveiled at the Black Hat Asia 2015 event in Singapore, just weeks before the official inauguration of the IGCI. INTERPOL's state-of-the-art complex will provide its 190 member countries with a cutting-edge research and development facility for the identification of crimes and criminals, innovative training, operational support and partnerships.

About Kaspersky Lab

Kaspersky Lab is the world’s largest privately held vendor of endpoint protection solutions. The company is ranked among the world’s top four vendors of security solutions for endpoint users*. Throughout its more than 17-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers. Kaspersky Lab, with its holding company registered in the United Kingdom, currently operates in almost 200 countries and territories across the globe, providing protection for over 400 million users worldwide. Learn more atwww.kaspersky.com.

For the latest in-depth information on security threat issues and trends, please visit:

Securelist | Information about Viruses, Hackers and Spam
Follow @Securelist on Twitter

Threatpost | The First Stop for Security News
Follow @Threatpost on Twitter

Media Contact
Sarah (Bergeron) Kitsos 
781.503.2615
sarah.kitsos@kaspersky.com

* The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue by Vendor, 2013. The rating was published in the IDC report "Worldwide Endpoint Security 2014–2018 Forecast and 2013 Vendor Shares (IDC #250210, August 2014). The report ranked software vendors according to earnings from sales of endpoint security solutions in 2013.