top | item 46499248

(no title)

There are much lighter alternatives though, why would you want to bother with cryptocurrencies when you could just use DHT?

I mean, even just shipping a Tor client embedded in your malware seems like a much better idea.

>just rely on explorers to query your own wallet

This kind of defeats the point, you get exactly 0 censorship resistance like this.

discuss

kachapopopow|1 month ago

enlighten me how a non trivially generated address that is only known by malware can be implemented in every single blockchain explorer?

you would have to extract the keys from the malware, you would then have to implement the logic and announce it - then rely on blockchain exploreres actually using that data to block addresses in real time.

monerozcash|1 month ago

I'm not 100% sure I understand what you're saying, but I guess you're asking how this could be censored?

> you would have to extract the keys from the malware

Yeah? That happens all the time. If you're designing mechanisms like this, it's presumably specifically against adversaries which are doing exactly that.

> you would then have to implement the logic and announce it - then rely on blockchain exploreres actually using that data to block addresses in real time.

Someone would only have to do this once and all your bots would be gone.

Usually the whole point of these mechanisms is C&C resilience, and usually that only matters for really big botnets which face co-ordinated attacks.

Any good C&C system for a bigger botnet would seek to eliminate all meaningful external points of failure for C&C. Using a block explorer, or HN comments, does not achieve that.