BTC network 3X more ‘evil’ than the Internet, researchers find

Getting your Trinity Audio player ready...

A new report examining malicious activity on the BTC Core blockchain has found a large number of exploits being shared between nodes across the network, and concluded that BTC was ‘3x more evil than the Internet’.

Researchers at Rapid7 released a report detailing their work on the blockchain, which highlighted “rampant” exploitation attempts and other nefarious activity, mostly emanating from China. According to researcher Jon Hart, the group’s findings from their extensive research efforts showed the same pattern of behavior, time after time, on the BTC blockchain.

“Investigations into these interactions showed familiar patterns. Port scans and active reconnaissance with tools like Nmap were rampant, as was repeated attempted exploitation of MS17-010, largely from China…17 hosts, mostly from the China IPv4 space, were actively slinging exploits for MS17-010,” according to the report.

While not all of the issues identified are thought to be potentially harmful, the group found hundreds of nodes exhibiting “curious scanning and probing behavior in the [BTC] peer-to-peer network.”

Their report found that the total number of malicious actors was likely to be low, but that their nodes could account for as much as 2% of the BTC network on so-called “bad days”.

Comparing this to malicious activity on the Internet more generally, Rapid7 concluded that the BTC network had three to potentially 10 times the volume of malicious activity.

“While these percentages may seem low, consider that the usual “background noise” of malicious activity we detect across the entire IPv4 internet is sourced from around 0.2% of total internet population of machines,” according to the report.

The researchers said, “On a typical day, the [BTC] network is approximately three times more ‘evil’ than the rest of the internet. On particularly active days, we see ten times as many malicious nodes in the [BTC] network as we see on the regular internet, by volume.”

The top 3 countries found to contain the most bad actors were the United States, with 178; China with 154; and Germany in third with 132.

The research report offered a warning to those actively mining BTC:

“If you are actively participating as a [BTC] miner, one takeaway is to recognize that there are a small number of participants in the [BTC] network actively taking hostile action against otherwise innocent nodes on the public internet.”