This Selfie Does Not Exist - On the Security of Electroneum Cloud Mining

Alexander Marsalek, Edona Fasllija, Dominik Ziegler

Publikation: Beitrag in Buch/Bericht/KonferenzbandBeitrag in einem KonferenzbandBegutachtung

Abstract

The Electroneum cryptocurrency provides a novel mining experience called “cloud mining”, which enables iOS and Android users to regularly earn cryptocurrency tokens by simply interacting with the Electroneum app. Besides other security countermeasures against automated attacks, Electroneum requires the user to upload selfies with a predefined gesture or a drawing of a symbol as a prerequisite for the activation of the mining process. In this paper, we show how a malicious user can circumvent all of these security features and thus create and maintain an arbitrary number of fake accounts. Our impersonation attack particularly focuses on creating non-existing selfies by relying on Generative Adversarial Network (GAN) techniques during account initialization. Furthermore, we employ reverse engineering to develop a bot that simulates the genuine Electroneum app and is capable of operating an arbitrary number of illegitimate accounts on one Android device, enabling the malicious user to ob tain an unfairly large payout
Originalspracheenglisch
Titel Proceedings of the 17th International Joint Conference on e-Business and Telecommunication: SECRYPT
Herausgeber (Verlag)SciTePress - Science and Technology Publications
Seiten388-396
Band3
ISBN (elektronisch)978-989-758-446-6
DOIs
PublikationsstatusVeröffentlicht - 2020
Veranstaltung17th International Conference on Security and Cryptography - Virtuell, Frankreich
Dauer: 8 Juli 202010 Juli 2020

Konferenz

Konferenz17th International Conference on Security and Cryptography
KurztitelSECRYPT 2020
Land/GebietFrankreich
OrtVirtuell
Zeitraum8/07/2010/07/20

Fingerprint

Untersuchen Sie die Forschungsthemen von „This Selfie Does Not Exist - On the Security of Electroneum Cloud Mining“. Zusammen bilden sie einen einzigartigen Fingerprint.
  • A-SIT - Zentrum für sichere Informationstechnologie Austria

    Stranacher, K., Dominikus, S., Leitold, H., Marsalek, A., Teufl, P., Bauer, W., Aigner, M. J., Rössler, T., Neuherz, E., Dietrich, K., Zefferer, T., Mangard, S., Payer, U., Orthacker, C., Lipp, P., Reiter, A., Knall, T., Bratko, H., Bonato, M., Suzic, B., Zwattendorfer, B., Kreuzhuber, S., Oswald, M. E., Tauber, A., Posch, R., Bratko, D., Feichtner, J., Ivkovic, M., Reimair, F., Wolkerstorfer, J. & Scheibelhofer, K.

    21/05/996/08/20

    Projekt: Arbeitsgebiet

Dieses zitieren