scispace - formally typeset
Search or ask a question
Book ChapterDOI

Analyzing the Bitcoin Ponzi Scheme Ecosystem

26 Feb 2018-pp 101-112
TL;DR: The supply and demand for Bitcoin-based Ponzi schemes is analyzed to identify factors that affect scam persistence and finds that scams are shorter-lived when the scammers register their account on the same day that they post about their scam.
Abstract: This paper analyzes the supply and demand for Bitcoin-based Ponzi schemes. There are a variety of these types of scams: from long cons such as Bitcoin Savings & Trust to overnight doubling schemes that do not take off. We investigate what makes some Ponzi schemes successful and others less so. By scouring 11 424 threads on bitcointalk.org, we identify 1 780 distinct scams. Of these, half lasted a week or less. Using survival analysis, we identify factors that affect scam persistence. One approach that appears to elongate the life of the scam is when the scammer interacts a lot with their victims, such as by posting more than a quarter of the comments in the related thread. By contrast, we also find that scams are shorter-lived when the scammers register their account on the same day that they post about their scam. Surprisingly, more daily posts by victims is associated with the scam ending sooner.
Citations
More filters
Proceedings ArticleDOI
20 Jun 2018
TL;DR: In this article, the authors apply data mining techniques to detect Bitcoin addresses related to Ponzi schemes, which are fraudulent investments which repay users with the funds invested by new users that join the scheme, and implode when it is no longer possible to find new investments.
Abstract: Soon after its introduction in 2009, Bitcoin has been adopted by cyber-criminals, which rely on its pseudonymity to implement virtually untraceable scams. One of the typical scams that operate on Bitcoin are the so-called Ponzi schemes. These are fraudulent investments which repay users with the funds invested by new users that join the scheme, and implode when it is no longer possible to find new investments. Despite being illegal in many countries, Ponzi schemes are now proliferating on Bitcoin, and they keep alluring new victims, who are plundered of millions of dollars. We apply data mining techniques to detect Bitcoin addresses related to Ponzi schemes. Our starting point is a dataset of features of real-world Ponzi schemes, that we construct by analysing, on the Bitcoin blockchain, the transactions used to perform the scams. We use this dataset to experiment with various machine learning algorithms, and we assess their effectiveness through standard validation protocols and performance metrics. The best of the classifiers we have experimented can identify most of the Ponzi schemes in the dataset, with a low number of false positives.

196 citations

Journal ArticleDOI
TL;DR: This work proposes an effective method to detect illicit accounts over the Ethereum network using the XGBoost classifier and publishes the compiled data set as a benchmark for future related works.
Abstract: The recent technological advent of cryptocurrencies and their respective benefits have been shrouded with a number of illegal activities operating over the network such as money laundering, bribery, phishing, fraud, among others. In this work we focus on the Ethereum network, which has seen over 400 million transactions since its inception. Using 2179 accounts flagged by the Ethereum community for their illegal activity coupled with 2502 normal accounts, we seek to detect illicit accounts based on their transaction history using the XGBoost classifier. Using 10 fold cross-validation, XGBoost achieved an average accuracy of 0.963 ( ± 0.006) with an average AUC of 0.994 ( ± 0.0007). The top three features with the largest impact on the final model output were established to be ‘Time diff between first and last (Mins)’, ‘Total Ether balance’ and ‘Min value received’. Based on the results we conclude that the proposed approach is highly effective in detecting illicit accounts over the Ethereum network. Our contribution is multi-faceted; firstly, we propose an effective method to detect illicit accounts over the Ethereum network; secondly, we provide insights about the most important features; and thirdly, we publish the compiled data set as a benchmark for future related works.

113 citations

Posted Content
TL;DR: This paper presents the first systematic analysis of honeypot smart contracts, by investigating their prevalence, behaviour and impact on the Ethereum blockchain, and develops a taxonomy of HoneyBadger - a tool that employs symbolic execution and well defined heuristics to expose honeypots.
Abstract: Modern blockchains, such as Ethereum, enable the execution of so-called smart contracts - programs that are executed across a decentralised network of nodes. As smart contracts become more popular and carry more value, they become more of an interesting target for attackers. In the past few years, several smart contracts have been exploited by attackers. However, a new trend towards a more proactive approach seems to be on the rise, where attackers do not search for vulnerable contracts anymore. Instead, they try to lure their victims into traps by deploying seemingly vulnerable contracts that contain hidden traps. This new type of contracts is commonly referred to as honeypots. In this paper, we present the first systematic analysis of honeypot smart contracts, by investigating their prevalence, behaviour and impact on the Ethereum blockchain. We develop a taxonomy of honeypot techniques and use this to build HoneyBadger - a tool that employs symbolic execution and well defined heuristics to expose honeypots. We perform a large-scale analysis on more than 2 million smart contracts and show that our tool not only achieves high precision, but is also highly efficient. We identify 690 honeypot smart contracts as well as 240 victims in the wild, with an accumulated profit of more than $90,000 for the honeypot creators. Our manual validation shows that 87% of the reported contracts are indeed honeypots.

87 citations


Cites background from "Analyzing the Bitcoin Ponzi Scheme ..."

  • ...Blockchains have been used for money laundering [24] and been the target of several scams [42], including mining scams, wallet scams and Ponzi schemes, which are further discussed in [4, 43]....

    [...]

Proceedings ArticleDOI
Weili Chen1, Tuo Zhang1, Zhiguang Chen1, Zibin Zheng1, Yutong Lu1 
20 Apr 2020
TL;DR: This paper conducts a systematic investigation on the whole Ethereum ERC20 token ecosystem to characterize the token creator, holder, and transfer activity and proposes an algorithm to discover potential relationships between tokens and other accounts.
Abstract: The birth of Bitcoin ushered in the era of cryptocurrency, which has now become a financial market attracted extensive attention worldwide. The phenomenon of startups launching Initial Coin Offerings (ICOs) to raise capital led to thousands of tokens being distributed on blockchains. Many studies have analyzed this phenomenon from an economic perspective. However, little is know about the characteristics of participants in the ecosystem. To fill this gap and considering over 80% of ICOs launched based on ERC20 token on Ethereum, in this paper, we conduct a systematic investigation on the whole Ethereum ERC20 token ecosystem to characterize the token creator, holder, and transfer activity. By downloading the whole blockchain and parsing the transaction records and event logs, we construct three graphs, namely token creator graph, token holder graph, and token transfer graph. We obtain many observations and findings by analyzing these graphs. Besides, we propose an algorithm to discover potential relationships between tokens and other accounts. The reported case shows that our algorithm can effectively reveal entities and the complex relationship between various accounts in the token ecosystem.

75 citations

Journal ArticleDOI
TL;DR: This work charted the landscape of online cryptocurrency manipulation across multiple platforms, unveiling two different deception schemes – “pump-and-dump” and “Ponzi” – and identifying the channels involved in these frauds.
Abstract: Cryptocurrencies represent one of the most attractive markets for financial speculation. As a consequence, they have attracted unprecedented attention on social media. Besides genuine discussions and legitimate investment initiatives, several deceptive activities have flourished. In this work, we chart the online cryptocurrency landscape across multiple platforms. To reach our goal, we collected a large dataset, composed of more than 50M messages published by almost 7M users on Twitter, Telegram and Discord, over three months. We performed bot detection on Twitter accounts sharing invite links to Telegram and Discord channels, and we discovered that more than 56% of them were bots or suspended accounts. Then, we applied topic modeling techniques to Telegram and Discord messages, unveiling two different deception schemes - “pump-and-dump” and “Ponzi” - and identifying the channels involved in these frauds. Whereas on Discord we found a negligible level of deception, on Telegram we retrieved 296 channels involved in pump-and-dump and 432 involved in Ponzi schemes, accounting for a striking 20% of the total. Moreover, we observed that 93% of the invite links shared by Twitter bots point to Telegram pump-and-dump channels, shedding light on a little-known social bot activity. Charting the landscape of online cryptocurrency manipulation can inform actionable policies to fight such abuse.

70 citations


Cites background from "Analyzing the Bitcoin Ponzi Scheme ..."

  • ...As mentioned before, many works [9], [19] collected cryptocurrency manipulation data by using a snowball approach strategy, starting from a known seed of deceptive channels....

    [...]

  • ...In [19], authors investigated online Ponzi schemes advertised on threads of the Bitcointalk forum....

    [...]

  • ...Previous works about cryptocurrency manipulation [9], [19] focused on a specific scheme (e....

    [...]

References
More filters
Journal ArticleDOI
TL;DR: Systems T he Internet offers vast new opportunities to interact with total strangers, but these interactions can be fun, informative, even profitable, but they also involve risk.
Abstract: Systems T he Internet offers vast new opportunities to interact with total strangers. These interactions can be fun, informative, even profitable. But they also involve risk. Is the advice of a self-proclaimed expert at expertcentral.com reliable? Will an unknown dotcom site or eBay seller ship items promptly with appropriate packaging? Will the product be the same one described online? Prior to the Internet, such questions were answered, in part, through personal and corporate reputations. Vendors provided references, Better Business Bureaus tallied complaints, and past personal experience and person-to-person gossip told you on whom you could rely and on whom you could not. Participants’ standing in their communities, including their roles in church and civic organizations, served as a valuable hostage. Internet services operate on a vastly larger scale

2,410 citations

Proceedings Article
12 Aug 2015
TL;DR: This paper presents a long-term measurement analysis of a large portion of this online anonymous marketplace ecosystem, including 16 different marketplaces, over more than two years (2013- 2015), and offers a detailed understanding of the growth of the onlineAnonymous marketplace ecosystem.
Abstract: February 2011 saw the emergence of Silk Road, the first successful online anonymous marketplace, in which buyers and sellers could transact with anonymity properties far superior to those available in alternative online or offline means of commerce. Business on Silk Road, primarily involving narcotics trafficking, rapidly boomed, and competitors emerged. At the same time, law enforcement did not sit idle, and eventually managed to shut down Silk Road in October 2013 and arrest its operator. Far from causing the demise of this novel form of commerce, the Silk Road take-down spawned an entire, dynamic, online anonymous marketplace ecosystem, which has continued to evolve to this day. This paper presents a long-term measurement analysis of a large portion of this online anonymous marketplace ecosystem, including 16 different marketplaces, over more than two years (2013- 2015). By using long-term measurements, and combining our own data collection with publicly available previous efforts, we offer a detailed understanding of the growth of the online anonymous marketplace ecosystem. We are able to document the evolution of the types of goods being sold, and assess the effect (or lack thereof) of adversarial events, such as law enforcement operations or large-scale frauds, on the overall size of the economy. We also provide insights into how vendors are diversifying and replicating across marketplaces, and how vendor security practices (e.g., PGP adoption) are evolving. These different aspects help us understand how traditional, physical-world criminal activities are developing an online presence, in the same manner traditional commerce diversified online in the 1990s.

320 citations

Journal ArticleDOI
TL;DR: This paper investigates the semiotics of Bitcoin, an electronic cash system that uses decentralized networking to enable irreversible payments as a “practical materialism” and suggests it replays debates about privacy, labor, and value.
Abstract: (Received XX XXX XXXX; final version received XX XXX XXXX) This paper investigates the semiotics of Bitcoin, an electronic cash system that uses decentralized networking to enable irreversible payments. For enthusiasts, Bitcoin provides an alternative to currencies and payment systems that are seen to threaten users’ privacy, limit personal liberty, and undermine the value of money through state and corporate oversight. Bitcoin’s promise lies in its apparent capacity to resolve these concerns not through regulatory institutions or interpersonal trust, but through its cryptographic protocols. We characterize this semiotics as a ‘‘practical materialism’’ and suggest it replays debates about privacy, labor, and value.

278 citations

Book ChapterDOI
03 Mar 2014
TL;DR: An empirical investigation into the prevalence and impact of distributed denial-of-service (DDoS) attacks on operators in the Bitcoin economy finds that 7 % of all known operators have been attacked, but that currency exchanges, mining pools, gambling operators, eWallets, and financial services are much more likely to be attacked than other services.
Abstract: We present an empirical investigation into the prevalence and impact of distributed denial-of-service (DDoS) attacks on operators in the Bitcoin economy. To that end, we gather and analyze posts mentioning “DDoS” on the popular Bitcoin forum bitcointalk.org. Starting from around 3 000 different posts made between May 2011 and October 2013, we document 142 unique DDoS attacks on 40 Bitcoin services. We find that 7 % of all known operators have been attacked, but that currency exchanges, mining pools, gambling operators, eWallets, and financial services are much more likely to be attacked than other services. Not coincidentally, we find currency exchanges and mining pools are much more likely to have DDoS protection such as CloudFlare, Incapsula, or Amazon Cloud. We show that those services that have been attacked are more than three times as likely to buy anti-DDoS services than operators who have not been attacked. We find that big mining pools (those with historical hashrate shares of at least 5 %) are much more likely to be DDoSed than small pools. We investigate Mt. Gox as a case study for DDoS attacks on currency exchanges and find a disproportionate amount of DDoS reports made during the large spike in trading volume and exchange rates in spring 2013. We conclude by outlining future opportunities for researching DDoS attacks on Bitcoin.

202 citations

Book ChapterDOI
26 Jan 2015
TL;DR: The first empirical analysis of Bitcoin-based scams: operations established with fraudulent intent is presented, finding that at least $11 million has been contributed to the scams from 13 000 distinct victims.
Abstract: We present the first empirical analysis of Bitcoin-based scams: operations established with fraudulent intent. By amalgamating reports gathered by voluntary vigilantes and tracked in online forums, we identify 192 scams and categorize them into four groups: Ponzi schemes, mining scams, scam wallets and fraudulent exchanges. In 21 % of the cases, we also found the associated Bitcoin addresses, which enables us to track payments into and out of the scams. We find that at least $11 million has been contributed to the scams from 13 000 distinct victims. Furthermore, we present evidence that the most successful scams depend on large contributions from a very small number of victims. Finally, we discuss ways in which the scams could be countered.

186 citations

Trending Questions (1)
How do I report a scam to cyber cell?

One approach that appears to elongate the life of the scam is when the scammer interacts a lot with their victims, such as by posting more than a quarter of the comments in the related thread.