Author

Topic: [2014-05-16] CoinFront – Virus Signature in Bitcoin Blockchain (Read 2565 times)

legendary
Activity: 2856
Merit: 1520
Bitcoin Legal Tender Countries: 2 of 206
does anybody have the link to the blockchain tx?
legendary
Activity: 826
Merit: 1002
amarha
Blockchain vandalism gets tiring after a while. But there's nothing we can do about it afaik.
full member
Activity: 168
Merit: 100
So it's confirmed, thank you. Of course it's just a text signature, but still quite an annoying prank.

It's much more annoying than you think: it could fool an antivirus program into actually deleting the file containing the offending signature.
I've seen Exchange databases suddenly disappear due to an infected attachment in an email message... it would be no wonder at all to have the whole blockchain wiped from your hard disk due to a fake viral signature.
And while this is actually harmless, having to download it again could be a royal pain.
newbie
Activity: 54
Merit: 0
Microsoft Security Essentials reporting false positives in the Bitcoin blockchain, constantly notifying users.
https://answers.microsoft.com/en-us/protect/forum/mse-protect_updating/microsoft-security-essentials-reporting-false/0240ed8e-5a27-4843-a939-0279c8110e1c

So it's confirmed, thank you. Of course it's just a text signature, but still quite an annoying prank.
b!z
legendary
Activity: 1582
Merit: 1010
It seems MSE does not find the Virus signature in every Software. I got W7, bitcoin core 0.9.1 (newest Version) and when I run MSE no warning appears

Interesting. So we have no confirmation of this story so far. Is it a hoax?
Also, I have not found any information about which block exactly should contain the virus signature.

It's not a danger to the blockchain.

From http://antivirus.about.com/od/whatisavirus/a/virussignature.htm

In the antivirus world, a signature is an algorithm or hash (a number derived from a string of text) that uniquely identifies a specific virus.

The idea is that the signature is only a part of that particular virus, so any program with that signature can be assumed to be that virus. If the signature is inserted into the blockchain, then MSE assumes it's a virus.
newbie
Activity: 42
Merit: 0
Might scare some people off if they believe that Bitcoin's blockchain have a virus and will damage their computer.
newbie
Activity: 54
Merit: 0
It seems MSE does not find the Virus signature in every Software. I got W7, bitcoin core 0.9.1 (newest Version) and when I run MSE no warning appears

Interesting. So we have no confirmation of this story so far. Is it a hoax?
Also, I have not found any information about which block exactly should contain the virus signature.
hero member
Activity: 602
Merit: 500
It seems MSE does not find the Virus signature in every Software. I got W7,bitcoin core 0.9.1 (newest Version) and when I run MSE no warning appears
newbie
Activity: 54
Merit: 0
Microsoft Security Essentials Reports Virus Signature in Bitcoin Blockchain
http://thecoinfront.com/microsoft-security-essentials-reports-virus-signature-in-bitcoin-blockchain/

Quote
The blockchain allows a small amount of text to be added to each transaction, and someone took advantage of this to upload the signature for the virus DOS/STONED into the blockchain.

The DOS/STONED virus is a prank virus which doesn't do any actual damage. All it does is display "YOUR COMPUTER HAS BEEN STONED" on one out of every eight boot-ups. The virus is over a quarter century old, and may not even be compatible with modern operating systems.

Because it's supposedly only the signature of the virus, and not the virus itself, there is no likely danger to Bitcoin users. But this concept does represent a dangerous precedent. Even if it's only the virus signature, the fact that malicious code can be inserted into the blockchain could cause fear and uncertainty in the blockchain, and push users away from Bitcoin.

Obviously this prank rather shows the stupidity of Microsoft's antivirus, but is there someone who can give technical details about how it was done? In all the articles about this topic there are only very vague descriptions. Also, I have seen discussions about what kind of data can be inserted into the blockchain. Is this a real danger to the blockchain, or just a harmless joke?
Jump to: