2

I'm not too sure if this belongs on security.SE, so feel free to close or migrate to a different SE.

It seems that many ransomwares use Bitcoin as currency (for good reason), and tell you to send X BTC to address A. In order to verify that you have made a payment, I believe they will ask for your transaction ID.

However, as far as I know, all transaction IDs are publicly available. Thus, is it possible that I could just stay on blockchain.info and look at payments to address A, wait until a new one pops up, and immediately type that into my own instance of the ransomware? The malware should not have any way of linking who owns what wallet, so is it possible that someone else might make a payment and I enter the transaction ID first, effectively "stealing" their transaction, using it to pay for my own infection?

I could be completely wrong about this, I don't know much about bitcoin. I also understand that ransomware writers would not be bothered by this, since either way, they're receiving the money.

EDIT: I thought of a way ransomware writers might use to get around this: make a separate bitcoin address for each victim. However, this seems like extra work on the ransomware writer's side, so I'm not sure if many ransomwares do this.

Kevin
  • 123
  • 5
  • 5
    This question is better asked at bitcoin.stackexchange.com and [How does Wanna Cry verify payment](https://bitcoin.stackexchange.com/questions/53451/how-does-wanna-cry-verify-payment/53455) at this site might already contain the answer or at least parts of it. – Steffen Ullrich Jul 27 '17 at 20:53
  • To avoid every transaction being tracked back to the ransomeware attacker, it'd make sense for the ransomeware attacker to provide a different bitcoin address for each victim. – Steve Sether Jul 27 '17 at 21:03
  • @SteffenUllrich yeah, that answer is sorta what I thought some ransomware would do, and based on the fact that it seems some people got their files decrypted without paying, the human error involved probably means that such an "attack" i asked about would probably work too. Not sure how it'd fare with automated decryption. – Kevin Jul 27 '17 at 21:40
  • @SteveSether even if they used multiple addresses, you could still probably track them the same way you would track a single address. Even with a single address, I imagine they would then proxy out payments (is that the right terminology?) to multiple wallets, or just move the funds to some secret bank account in Switzerland or something. Please correct me if I'm wrong, I'd like to know more about this whole process. – Kevin Jul 27 '17 at 21:42
  • @Kevin They use mixer. https://en.bitcoin.it/wiki/Mixing_service – Xavier59 Jul 27 '17 at 21:52
  • @kevin I'm not an expert, but I believe the standard is now to move through one or more alt-coins currencies to avoid detection. If they used z-cash with a private address for instance as an intermediary, it'd be next to impossible to track a transaction directly. The point is that the methods of hiding tracks only becomes more sophisticated with time. – Steve Sether Jul 28 '17 at 14:41
  • 1
    @kevin Also, I it'd make sense for ransomware perpetrators to want to avoid anyone knowing how much ransom they've collected. Even outside of criminal activity, it's fairly standard to provide a new address per transaction. – Steve Sether Jul 28 '17 at 14:43

1 Answers1

2

Yeah, you're right that in this type of setup it's possible for one ransomware victim to claim that someone else's transaction to the ransomware address was their own transaction, because all transactions including the transaction id and destination address are public.

The proper way for the ransomware operator to handle things would be for them to generate a new address for every victim. Just like how every Bitcoin exchange generates unique deposit addresses for every user, every Bitcoin payment processor generates a unique deposit address for each transaction, etc. The ransomware operator's use-case isn't truly different from those use-cases. The ransomware operators who use the "tell us your transaction id" solution picked their solution either out of laziness or lack of knowledge.

Macil
  • 1,482
  • 9
  • 11
  • The recent 'NotPetya' pretended to be ransomware but used the same address for everybody and was found to destroy info that would be needed to decrypt, leading experts to conclude the ransom demand was just a hoax. – dave_thompson_085 Jul 29 '17 at 06:53