{"title":"The “Bitcoin Generator” Scam","authors":"Emad Badawi , Guy-Vincent Jourdan , Iosif-Viorel Onut","doi":"10.1016/j.bcra.2022.100084","DOIUrl":null,"url":null,"abstract":"<div><p>The “Bitcoin Generator Scam” (BGS) is a cyberattack in which scammers promise to provide victims with free cryptocurrencies in exchange for a small mining fee. In this paper, we present a data-driven system to detect, track, and analyze the BGS. It works as follows: we first formulate search queries related to BGS and use search engines to find potential instances of the scam. We then use a crawler to access these pages and a classifier to differentiate actual scam instances from benign pages. Last, we automatically monitor the BGS instances to extract the cryptocurrency addresses used in the scam. A unique feature of our system is that it proactively searches for and detects the scam pages. Thus, we can find addresses that have not yet received any transactions.</p><p>Our data collection project spanned 16 months, from November 2019 to February 2021. We uncovered more than 8,000 cryptocurrency addresses directly associated with the scam, hosted on over 1,000 domains. Overall, these addresses have received around 8.7 million USD, with an average of 49.24 USD per transaction.</p><p>Over 70% of the active addresses that we are capturing are detected <strong>before</strong> they receive any transactions, that is, before anyone is victimized. We also present some post-processing analysis of the dataset that we have captured to aggregate attacks that can be reasonably confidently linked to the same attacker or group.</p><p>Our system is one of the first academic feeds to the APWG eCrime Exchange database. It has been actively and automatically feeding the database since November 2020.</p></div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"3 3","pages":"Article 100084"},"PeriodicalIF":6.9000,"publicationDate":"2022-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2096720922000252/pdfft?md5=a7df82eff09935b151de207690c2950d&pid=1-s2.0-S2096720922000252-main.pdf","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Blockchain-Research and Applications","FirstCategoryId":"1093","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2096720922000252","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 2
Abstract
The “Bitcoin Generator Scam” (BGS) is a cyberattack in which scammers promise to provide victims with free cryptocurrencies in exchange for a small mining fee. In this paper, we present a data-driven system to detect, track, and analyze the BGS. It works as follows: we first formulate search queries related to BGS and use search engines to find potential instances of the scam. We then use a crawler to access these pages and a classifier to differentiate actual scam instances from benign pages. Last, we automatically monitor the BGS instances to extract the cryptocurrency addresses used in the scam. A unique feature of our system is that it proactively searches for and detects the scam pages. Thus, we can find addresses that have not yet received any transactions.
Our data collection project spanned 16 months, from November 2019 to February 2021. We uncovered more than 8,000 cryptocurrency addresses directly associated with the scam, hosted on over 1,000 domains. Overall, these addresses have received around 8.7 million USD, with an average of 49.24 USD per transaction.
Over 70% of the active addresses that we are capturing are detected before they receive any transactions, that is, before anyone is victimized. We also present some post-processing analysis of the dataset that we have captured to aggregate attacks that can be reasonably confidently linked to the same attacker or group.
Our system is one of the first academic feeds to the APWG eCrime Exchange database. It has been actively and automatically feeding the database since November 2020.
期刊介绍:
Blockchain: Research and Applications is an international, peer reviewed journal for researchers, engineers, and practitioners to present the latest advances and innovations in blockchain research. The journal publishes theoretical and applied papers in established and emerging areas of blockchain research to shape the future of blockchain technology.