ZombieCoin 2.0: managing next-generation botnets using Bitcoin

  • Syed Taha Ali
  • Patrick McCorry
  • Peter Hyun-Jeen Lee
  • Feng Hao
Regular Contribution

DOI: 10.1007/s10207-017-0379-8

Cite this article as:
Ali, S.T., McCorry, P., Lee, P.HJ. et al. Int. J. Inf. Secur. (2017). doi:10.1007/s10207-017-0379-8


Botnets are the preeminent source of online crime and arguably one of the greatest threats to the Internet infrastructure. In this paper, we present ZombieCoin, a botnet command-and-control (C&C) mechanism that leverages the Bitcoin network. ZombieCoin offers considerable advantages over existing C&C techniques, most notably the fact that Bitcoin is designed to resist the very same takedown campaigns and regulatory processes that are the most often-used methods to combat botnets today. Furthermore, we describe how the Bitcoin network enables novel C&C techniques, which dramatically expand the scope of this threat, including the possibilities of flexible rendezvous scheduling, efficient botnet partitioning, and fine-grained control over bots. We validate our claims by implementing ZombieCoin bots which we then deploy and successfully control over the Bitcoin network. Our findings lead us to believe that Bitcoin-based C&C mechanisms are a highly desirable option that botmasters will pursue in the near future. We hope our study provides a useful first step towards devising effective countermeasures for this threat.


Botnets Bitcoin Cryptocurrencies C&C 

Funding information

Funder NameGrant NumberFunding Note
European Research Council
  • 306994

Copyright information

© Springer-Verlag Berlin Heidelberg 2017

Authors and Affiliations

  1. 1.School of Electrical Engineering and Computer ScienceNational University of Sciences and TechnologyIslamabadPakistan
  2. 2.School of Computing ScienceNewcastle UniversityNewcastle upon TyneUK
  3. 3.Paysafe GroupCambridgeUK

Personalised recommendations