Microsoft – Blockchain Domains are Next Major Threat
This year’s Microsoft Digital Defense Report covers a standard rogues’ gallery of cyberthreats, such as phishing, ransomware, and supply-chain intrusions. However, it introduces a new villain to the mix: blockchain domain names.
Microsoft’s latest annual security report describes domain names that are recorded in a distributed ledger maintained across a cluster of computers, rather than kept in a conventional, centralized registry, as “the next major danger.”
Storing domain names on a blockchain may make it impossible to shut those domains down or even to identify their proprietors. It also makes them unreachable for anybody who does not have the appropriate software or settings.
The report ties this to the experience Microsoft had last spring, when it was able to shut down a botnet known as Necurs. “In recent years, we have noticed blockchain domains being incorporated into cybercriminal infrastructure and activities,” the paper states.
That botnet made use of a domain-generating algorithm to generate new hosts in large numbers, including sites under the .bit blockchain top-level domain, which put them out of law enforcement’s reach in a way that a .com or other standards-compliant domain would not be.
In response to the potential for misuse, a group known as OpenNIC, which advocates for alternatives to the standard domain-name system, voted in 2019 to prohibit the .bit domain, fearing that the organization would be “directly responsible for the birth of a whole new type of malware.”
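One way a defender might look for the behavior described above, a host issuing many lookups under a blockchain TLD such as .bit, in DNS query logs (an added example, not from Microsoft's report or this article; the log format, the sample lines, and the threshold of three distinct names are assumptions):

```python
from collections import defaultdict

# TLDs of the blockchain names this article mentions (.bit, .crypto, .wallet,
# .coin, .888, .x, .eth).
BLOCKCHAIN_TLDS = {"bit", "crypto", "wallet", "coin", "888", "x", "eth"}

# Constructed sample log. Assumed format: "<timestamp> <client_ip> <qname>".
SAMPLE_LOG = """\
2021-10-12T09:00:01Z 10.0.0.5 www.example.com.
2021-10-12T09:00:02Z 10.0.0.7 qhxkdvbnwe.bit.
2021-10-12T09:00:03Z 10.0.0.7 ltrmzpaoyu.bit.
2021-10-12T09:00:03Z 10.0.0.7 LTRMZPAOYU.BIT.
2021-10-12T09:00:04Z 10.0.0.7 wbneqxjfsd.bit.
2021-10-12T09:00:05Z 10.0.0.9 brad.crypto
2021-10-12T09:00:06Z 10.0.0.5 x.example.com.
2021-10-12T09:00:07Z 10.0.0.5 crypto.example.org.
malformed line
"""

def parse(log):
    """Yield (client, normalized qname) pairs, skipping malformed lines."""
    for line in log.splitlines():
        parts = line.split()
        if len(parts) == 3:
            yield parts[1], parts[2].rstrip(".").lower()

def tld_of(qname):
    """Return the rightmost label, or "" for a single-label name."""
    labels = qname.split(".")
    return labels[-1] if len(labels) > 1 else ""

def triage(log, dga_threshold=3):
    """Map each client to (label, distinct blockchain-TLD names it queried)."""
    per_client = defaultdict(set)
    for client, qname in parse(log):
        if tld_of(qname) in BLOCKCHAIN_TLDS:
            per_client[client].add(qname)
    return {
        client: ("dga-like" if len(names) >= dga_threshold else "review",
                 sorted(names))
        for client, names in per_client.items()
    }

if __name__ == "__main__":
    for client, (label, names) in triage(SAMPLE_LOG).items():
        print(client, label, names)
```

The log has to come from a point that sees all client DNS traffic: a host that sends its lookups straight to an alternative resolver never appears in the organization's own resolver logs.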
As the research from Microsoft points out, “this trend of risks exploiting blockchain domains as infrastructure with the ability to establish an undisputable criminal network should be considered credible.” When it comes to the criticism that blockchain domains can’t be taken down, you’ll find a frequent reaction among proponents of a decentralized internet: That is accurate, you are correct.
According to the sales pitch on the webpage of one blockchain-domain registrar, Unstoppable Domains, “unstoppable domains are totally owned and managed by the customer with zero renewal costs ever (you purchase it once, you own it for life!).”
It lists one-time registration rates ranging from $20 to $100 for blockchain top-level domains such as .crypto, .wallet, .coin, .888, and .x; however, costs may climb drastically for shorter, more memorable names, according to the company.
For example, potomacriver.x would cost $100, while potomac.x would cost $7,500. In an email, Unstoppable Domains CEO Matthew Gould dismissed the notion that his business, situated in San Francisco, is a reckless participant in the Internet domain name space.
In particular, he cited the company’s trademark-compliance regulations (its website would not allow me to begin registration of fastcompany.x since the domain was listed as “protected”) and its applicant-screening procedures.
“We have also stopped the registration of domains linked with known pirating software or other kinds of IP theft and fraud,” according to Unstoppable’s CEO, who also stated that the company can even take back domains if registrants park them with the company’s custodial facility instead of relocating them to their own cryptocurrency wallet, the latter being the more convenient option that approximately 75% of registrants choose today.
Gould also denied the concept that blockchain domains were designed to be infected by malware, arguing that they would instead serve to build confidence in the conduct of bitcoin transactions. According to him, “anonymous users prefer to establish fresh addresses every time since this is excellent practice. Because domains offer a single distinctive nonchanging destination, crypto payments become less anonymous as a result of their use.”
Microsoft refused to provide any information on the results of the research. Despite the fact that blockchain domains have been used for malware in the past, Sean Gallagher, a senior threat researcher with the research firm Sophos, wrote in an email that the need for custom routing made them an inefficient option for such attacks because malware cannot spread via standard web browsers that aren’t compatible with the domains.
Moreover, he pointed out that blockchain domains provide less privacy than Tor, the cloaked routing technology that is used to circumvent many censorship regimes: “They do not provide anonymity for the destination.” If you want to go to a blockchain domain, such as brad.crypto (the web space of Unstoppable Domains cofounder Bradley Kam), the quickest and most straightforward method is to utilize one of the few browsers now supporting that namespace, such as the Chrome-based, privacy-optimized Brave.
In Brave’s URL bar, type in brad.crypto, then click to accept the blockchain routing, and you should be able to see Kam’s gallery of NFT (non-fungible token) artwork. The University of Pennsylvania’s Wharton School’s Kevin Werbach, who recently registered the name kwerb.eth (which refers to another blockchain domain system, the Ethereum Name Service), expressed his skepticism that browser support for blockchain domains will be expanded in the near future.
“Google, Apple, and Microsoft are not going to give native support until they have a high degree of confidence that those issues have been addressed,” he wrote. Adoption will depend on people’s willingness to switch browsers, install browser extensions, or custom-configure DNS settings; the latter two habits are the kind of tinkering that malware sometimes exploits.
In addition, “DNS has security weaknesses that are partially related to its centralized structure,” Werbach said, “but placing domain names on a blockchain introduces a new set of security issues. I don’t believe we know enough about the severity of the relative dangers to be able to make categorical conclusions about them.”
Skepticism is warranted in light of the current level of frothiness surrounding bitcoin and blockchain excitement. Mike Masnick, publisher of the Techdirt technology-policy blog and a proponent of a more decentralized social internet, praised the potential for blockchain domains “to create both a different kind of incentive structure and one in which users may retain more control over their own information.”
“The blockchain field today is almost exclusively populated by mercenary individuals seeking profit,” he said, “which has some important elements—in terms of bringing in money and rewarding certain behaviors—but also has the genuine potential to prioritize pure profit over social value.” Masnick did not draw attention to the connections between his work and today’s commercial social media. But why would he feel compelled to?