Title: Botract: abusing smart contracts and blockchain for botnet command and control
Authors: Omar Alibrahim; Majid Malaika
Addresses: ISC Department, CLS, Kuwait University, Adailiya Campus, P.O. Box 5969, Safat 13060, Kuwait ' omProtect LLC, P.O. Box 27229, Washington, DC 20038, USA
Abstract: This paper presents how smart contracts and blockchains can potentially be abused to create seemingly unassailable botnets. This involves publishing command and control (C2) logic in the form of smart contracts to the blockchain and then calling the functions of the smart contract for sending and receiving commands and keeping track of the state of bots. We call this technique Botract, derived by merging two words: bot and contract. In addition to describing how hackers can exploit smart contracts for C2, we also explain why it is difficult to disarm Botract, given the distributed nature of the blockchain and the persistent nature of smart contracts deployed on top of them. We then describe the architecture for deploying blockchain-based botnets and implement a proof-of-concept using isolated testnet environments. Our goal is to prove the feasibility of our approach, which we hope will create awareness among the community on the importance of auditing smart contracts on the blockchain and defending against these botnets before they become widespread.
Keywords: smart contract; blockchain; security; botnets; Ethereum.
DOI: 10.1504/IJICS.2022.121295
International Journal of Information and Computer Security, 2022 Vol.17 No.1/2, pp.147 - 163
Received: 31 May 2018
Accepted: 23 Mar 2019
Published online: 04 Mar 2022 *