This Selfie Does Not Exist - On the Security of Electroneum Cloud Mining

Alexander Marsalek, Edona Fasllija, Dominik Ziegler

Research output: Chapter in Book/Report/Conference proceedingConference paperpeer-review

Abstract

The Electroneum cryptocurrency provides a novel mining experience called “cloud mining”, which enables iOS and Android users to regularly earn cryptocurrency tokens by simply interacting with the Electroneum app. Besides other security countermeasures against automated attacks, Electroneum requires the user to upload selfies with a predefined gesture or a drawing of a symbol as a prerequisite for the activation of the mining process. In this paper, we show how a malicious user can circumvent all of these security features and thus create and maintain an arbitrary number of fake accounts. Our impersonation attack particularly focuses on creating non-existing selfies by relying on Generative Adversarial Network (GAN) techniques during account initialization. Furthermore, we employ reverse engineering to develop a bot that simulates the genuine Electroneum app and is capable of operating an arbitrary number of illegitimate accounts on one Android device, enabling the malicious user to ob tain an unfairly large payout
Original languageEnglish
Title of host publication Proceedings of the 17th International Joint Conference on e-Business and Telecommunication: SECRYPT
PublisherSciTePress - Science and Technology Publications
Pages388-396
Volume3
ISBN (Electronic)978-989-758-446-6
DOIs
Publication statusPublished - 2020
Event17th International Conference on Security and Cryptography: SECRYPT 2020 - Virtuell, France
Duration: 8 Jul 202010 Jul 2020

Conference

Conference17th International Conference on Security and Cryptography
Abbreviated titleSECRYPT 2020
Country/TerritoryFrance
CityVirtuell
Period8/07/2010/07/20
  • A-SIT - Secure Information Technology Center Austria

    Stranacher, K. (Co-Investigator (CoI)), Dominikus, S. (Co-Investigator (CoI)), Leitold, H. (Co-Investigator (CoI)), Marsalek, A. (Co-Investigator (CoI)), Teufl, P. (Co-Investigator (CoI)), Bauer, W. (Co-Investigator (CoI)), Aigner, M. J. (Co-Investigator (CoI)), Rössler, T. (Co-Investigator (CoI)), Neuherz, E. (Co-Investigator (CoI)), Dietrich, K. (Co-Investigator (CoI)), Zefferer, T. (Co-Investigator (CoI)), Mangard, S. (Co-Investigator (CoI)), Payer, U. (Co-Investigator (CoI)), Orthacker, C. (Co-Investigator (CoI)), Lipp, P. (Co-Investigator (CoI)), Reiter, A. (Co-Investigator (CoI)), Knall, T. (Co-Investigator (CoI)), Bratko, H. (Co-Investigator (CoI)), Bonato, M. (Co-Investigator (CoI)), Suzic, B. (Co-Investigator (CoI)), Zwattendorfer, B. (Co-Investigator (CoI)), Kreuzhuber, S. (Co-Investigator (CoI)), Oswald, M. E. (Co-Investigator (CoI)), Tauber, A. (Co-Investigator (CoI)), Posch, R. (Principal Investigator (PI)), Bratko, D. (Co-Investigator (CoI)), Feichtner, J. (Co-Investigator (CoI)), Ivkovic, M. (Co-Investigator (CoI)), Reimair, F. (Co-Investigator (CoI)), Wolkerstorfer, J. (Co-Investigator (CoI)) & Scheibelhofer, K. (Co-Investigator (CoI))

    21/05/9931/12/24

    Project: Research area

Cite this