An Automatic Detection and Analysis of the Bitcoin Generator Scam

【Author】 Badawi, Emad; Jourdan, Guy-Vincent; Bochmann, Gregor; Onut, Iosif-Viorel

【Source】2020 IEEE EUROPEAN SYMPOSIUM ON SECURITY AND PRIVACY WORKSHOPS (EUROS&PW 2020)

【Abstract】We investigate what we call the Bitcoin Generator Scam (BGS), a simple system in which the scammers promise to generate new bitcoins using the ones that were sent to them. A typical offer will suggest that, for a small fee, one could receive within minutes twice the amount of bitcoins submitted. BGS is clearly not a very sophisticated attack. The modus operandi is simply to put up some web page on which to find the address to send the money and wait for the payback. The pages are then indexed by search engines, and ready to find for victims looking for free bitcoins. We describe here a generic system to find and analyze scams such as BGS. We have trained a classifier to detect these pages, and we have a crawler searching for instances using a series of search engines. We then monitor the instances that we find to trace payments and bitcoin addresses that are being used over time. Unlike most bitcoin-based scam monitoring systems, we do not rely on analyzing transactions on the blockchain to find scam instances. Instead, we proactively find these instances through the web pages advertising the scam. Thus our system is able to find addresses with very few transactions, or even none at all. Indeed, over half of the addresses that have eventually received funds were detected before receiving any transactions. The data for this paper was collected over four months, from November 2019 to February 2020. We have found more than 1,300 addresses directly associated with the scam, hosted on over 500 domains. Overall, these addresses have received (at least) over 5 million USD to the scam, with an average of 47.3 USD per transaction.

【Keywords】Cryptocurrency; scam analysis; cyberattack; fraud detection; bitcoin; blockchain analysis; data mining

【标题】一个自动检测和分析比特币生成器骗局

【摘要】我们调查的是所谓的比特币生成器骗局(BGS)，这是一个简单的系统，骗子承诺使用发送给他们的比特币生成新的比特币。一个典型的提议是，支付少量费用，人们可以在几分钟内收到提交的两倍数量的比特币。英国地质调查局显然不是非常复杂的攻击。通常的做法是简单地建立一个网页，在上面找到发送钱的地址，然后等待回报。然后，这些页面被搜索引擎编入索引，准备为寻找免费比特币的受害者提供帮助。我们在这里描述了一个通用的系统，以发现和分析诈骗，如BGS。我们已经训练了一个分类器来检测这些页面，并且我们有一个爬虫程序使用一系列搜索引擎搜索实例。然后，我们监控找到的实例，以跟踪一段时间内使用的支付和比特币地址。与大多数基于比特币的骗局监控系统不同，我们不依赖于区块链上的交易分析来发现骗局实例。相反，我们通过宣传骗局的网页主动发现这些实例。因此，我们的系统能够在很少的交易，甚至没有交易的情况下找到地址。事实上，超过一半的最终收到资金的地址在收到任何交易之前被检测出来。本文的数据收集时间超过4个月，从2019年11月到2020年2月。我们已经发现超过1300个地址与这个骗局直接相关，托管在500多个域名上。总的来说，这些地址收到(至少)超过500万美元的诈骗，平均每笔交易47.3美元。

【关键词】加密数字货币;骗局分析;网络攻击;欺诈检测;比特币;区块链分析;数据挖掘

【发表时间】2020

【收录时间】2022-05-25

【文献类型】Proceedings Paper

【论文大主题】链上数据分析

【论文小主题】异常交易行为检测

【数据来源】无

【代码】无

【翻译者】王佳鑫