An expensive, slow, and extremely CPU and network intensive protocol is not what you want to use for stealthy malware communications. It could be done; you could also hammer a nail with a trout, but you'd look pretty foolish in the process.
Yes, I agree with you on the part that it is not the most efficient network protocol, but you're overlooking the fact that blockchain is almost impossible to take down and is censorship-free. Even if they manage to locate the C&C; they simply couldn't shut it down, since BC is decentralised and a distributed database.
There's also the disadvantage of having every communication between the malware and the controller publicly logged, and the fact that that every command issued would have a small transaction free.
It's not expensive because you only need to post a message when you are changing IPs, and it will only cost a fraction of a cent. If botnets used to work with hardcoded IP addresses, it's clear that changing IP addresses does not happen very often, and usually triggered by a government action which is very expensive for the government.
It does not need to be CPU or network intensive because it can basically use a light wallet implementation.
It is not. I wrote this for a computer security class, and the paper itself was (unfortunately) last minute. I posted it to reddit last night as an afterthought, found it here in the morning. I'm sorry if it isn't up to any sort of standards, this draft was rushed, and I wasn't expecting it to get any sort of traction.
I suspect it's a student project, maybe done for a class at UCSC. The two authors worked together on another project [1], as students at UCSC, in the Spring 2013 semester.
You suspected correctly. Christopher and I wrote this for a computer security class at UCSC (taught by Ethan Miller, who I expect will at some point read this), and I posted it to reddit to see what people thought. The paper was a bit rushed, and isn't proofread at all, if I had known it would pop up on HN, I would have polished it a bit more.
