The “Bitcoin Generator” Scam

IF 6.9 3区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Blockchain-Research and Applications Pub Date : 2022-09-01 DOI:10.1016/j.bcra.2022.100084

Emad Badawi , Guy-Vincent Jourdan , Iosif-Viorel Onut

{"title":"The “Bitcoin Generator” Scam","authors":"Emad Badawi , Guy-Vincent Jourdan , Iosif-Viorel Onut","doi":"10.1016/j.bcra.2022.100084","DOIUrl":null,"url":null,"abstract":"<div>The “Bitcoin Generator Scam” (BGS) is a cyberattack in which scammers promise to provide victims with free cryptocurrencies in exchange for a small mining fee. In this paper, we present a data-driven system to detect, track, and analyze the BGS. It works as follows: we first formulate search queries related to BGS and use search engines to find potential instances of the scam. We then use a crawler to access these pages and a classifier to differentiate actual scam instances from benign pages. Last, we automatically monitor the BGS instances to extract the cryptocurrency addresses used in the scam. A unique feature of our system is that it proactively searches for and detects the scam pages. Thus, we can find addresses that have not yet received any transactions.Our data collection project spanned 16 months, from November 2019 to February 2021. We uncovered more than 8,000 cryptocurrency addresses directly associated with the scam, hosted on over 1,000 domains. Overall, these addresses have received around 8.7 million USD, with an average of 49.24 USD per transaction.Over 70% of the active addresses that we are capturing are detected before they receive any transactions, that is, before anyone is victimized. We also present some post-processing analysis of the dataset that we have captured to aggregate attacks that can be reasonably confidently linked to the same attacker or group.Our system is one of the first academic feeds to the APWG eCrime Exchange database. It has been actively and automatically feeding the database since November 2020.</div>","PeriodicalId":53141,"journal":{"name":"Blockchain-Research and Applications","volume":"3 3","pages":"Article 100084"},"PeriodicalIF":6.9000,"publicationDate":"2022-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S2096720922000252/pdfft?md5=a7df82eff09935b151de207690c2950d&pid=1-s2.0-S2096720922000252-main.pdf","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Blockchain-Research and Applications","FirstCategoryId":"1093","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2096720922000252","RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 2

Abstract

The “Bitcoin Generator Scam” (BGS) is a cyberattack in which scammers promise to provide victims with free cryptocurrencies in exchange for a small mining fee. In this paper, we present a data-driven system to detect, track, and analyze the BGS. It works as follows: we first formulate search queries related to BGS and use search engines to find potential instances of the scam. We then use a crawler to access these pages and a classifier to differentiate actual scam instances from benign pages. Last, we automatically monitor the BGS instances to extract the cryptocurrency addresses used in the scam. A unique feature of our system is that it proactively searches for and detects the scam pages. Thus, we can find addresses that have not yet received any transactions.

Our data collection project spanned 16 months, from November 2019 to February 2021. We uncovered more than 8,000 cryptocurrency addresses directly associated with the scam, hosted on over 1,000 domains. Overall, these addresses have received around 8.7 million USD, with an average of 49.24 USD per transaction.

Over 70% of the active addresses that we are capturing are detected before they receive any transactions, that is, before anyone is victimized. We also present some post-processing analysis of the dataset that we have captured to aggregate attacks that can be reasonably confidently linked to the same attacker or group.

Our system is one of the first academic feeds to the APWG eCrime Exchange database. It has been actively and automatically feeding the database since November 2020.

查看原文本刊更多论文

“比特币生成器”骗局

“比特币生成器骗局”(BGS)是一种网络攻击，骗子承诺为受害者提供免费的加密货币，以换取少量的挖矿费。在本文中，我们提出了一个数据驱动的系统来检测、跟踪和分析BGS。它的工作原理如下:我们首先制定与BGS相关的搜索查询，并使用搜索引擎找到潜在的骗局实例。然后，我们使用爬虫来访问这些页面，并使用分类器来区分实际的诈骗实例和良性页面。最后，我们自动监控BGS实例以提取骗局中使用的加密货币地址。我们系统的一个独特功能是它主动搜索和检测诈骗页面。因此，我们可以找到尚未收到任何交易的地址。我们的数据收集项目历时16个月，从2019年11月到2021年2月。我们发现了超过8000个与骗局直接相关的加密货币地址，托管在1000多个域名上。总的来说，这些地址收到了大约870万美元，平均每笔交易49.24美元。我们捕获的超过70%的活动地址在他们收到任何交易之前就被检测到，也就是说，在任何人成为受害者之前。我们还对捕获的数据集进行了一些后处理分析，以汇总可以合理自信地与同一攻击者或组相关联的攻击。我们的系统是APWG电子犯罪交换数据库的首批学术提要之一。自2020年11月以来，它一直在主动自动地向数据库提供数据。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Blockchain-Research and Applications

CiteScore

11.30

自引率

3.60%

发文量

期刊介绍： Blockchain: Research and Applications is an international, peer reviewed journal for researchers, engineers, and practitioners to present the latest advances and innovations in blockchain research. The journal publishes theoretical and applied papers in established and emerging areas of blockchain research to shape the future of blockchain technology.