Bitcoin hack can reveal IP addresses of anonymous transactions

The infamous anonymity of Bitcoin as a currency has a weakness built into it, according to a paper published by the University of Luxembourg.

The paper, entitled ‘Deanonymisation of clients in Bitcoin P2P network’, was written by Alex Biryukov, Dmitry Khovratovich and Ivan Pustogarov and explains how a determined hacker could reveal the IP address – and therefore the identity – of individuals who pay for transactions anonymously using the cryptocurrency.

According to International Business Times, researchers claim that a hacker could unveil the identity of a Bitcoin user anonymizing their transactions through Tor for as little as €1,500 (roughly $1,870). The hacker would have to generate a ‘malformed message’, faking that it had been sent by the user through the Bitcoin peer-to-peer network – something that’s possible even if sent from a Tor exit node. These malformed messages increase the penalty score of the IP address, eventually resulting in a 24 hour ban when enough fake messages are sent. “Once the attacker knows what all the servers are and the Bitcoin users have been banned from accessing these servers using Tor, they will then have to access the servers the normal way,” explains IBT.

From there, each time a user’s client makes a connection to the Bitcoin server, its address will be revealed. “Once the hacker knows this address, he can trick the Bitcoin server into revealing the IP address of the user,” IBT states.

Writing in the paper, the authors make it clear that using Tor makes things a little more complicated for a hacker, but does not guarantee privacy: “We demonstrate that the use of Tor does not rule out the attack as Tor connections can be prohibited for the entire network. It shows that the level of network anonymity provided by Bitcoin is quite low. Several features of the Bitcoin protocol makes the attack possible. In particular, we emphasize that the stable set of only eight entry nodes is too small, as the majority of these nodes’ connections can be captured by an attacker.”

The paper goes on to explain that for the continued anonymity of the currency, the Bitcoin network needs a robust authentication system, writing: “We figured out that very short messages may cause a day IP ban, which can be used to separate a given node or the entire network from anonymity services such as proxy servers or Tor. If the Bitcoin community wishes to use Tor, this part of the protocol must be reconsidered.”

Author , ESET

Follow us

Copyright © 2016 ESET, All Rights Reserved.