What traditionally interests hackers? That's right, money. And in the case of blockchain, the target of the attacks remains the same. Gutemberg Dos Santos, a crypto entrepreneur and expert, shared some topics with us.
Hackers have now turned their attention to cryptocurrency exchanges, miners, and decentralized finance (DeFi) projects. Although technology-based services and products are more resistant to all kinds of hacker attacks, in 2019 alone there were seven major hacks of well-known exchanges; in the hack of the Upbit exchange, almost $50 million was stolen from customer wallets.
We asked Dos Santos, can blockchain be hacked?
Despite its many advantages, not all companies are in a hurry to implement blockchain, whether from a lack of knowledge of the technology, excessive caution, or other reasons. According to some leaders, using blockchain is an additional risk for the organization, since 71% of the successful attack cases involved smart contracts, and half of the projects had vulnerabilities in the applications used to access data on the blockchain.
A strong motivation for cybercriminals is the critical data with which a blockchain system operates, and if even one component of the system has a vulnerability, that is enough for a successful attack.
Therefore, developers must think about the security of blockchain, the most promising technology of the future. Many companies should pay more attention to security when creating these types of solutions, since in most cases they do not treat protecting blockchain projects as a priority task. That is a mistake, because an audit of a blockchain solution can help identify vulnerabilities before implementation (project launch) and protect users from attacks.
What methods can be used to
Theoretically, there are several hacking methods used by attackers, and today we will consider the most popular:
Phishing is one of the most popular types of attack used by hackers for easy money. The bottom line is that scammers send malicious links or files via email, after which the computer becomes infected. As a result, users voluntarily disclose their personal data, such as passwords, logins, phone numbers or bank card details.
In June 2019, two Israeli hackers were arrested who, over three years, managed to steal more than $100 million through phishing attacks. They lured investors to fake exchanges.
In typosquatting, attackers register domain names that look similar to the addresses of popular sites, or of the most popular blockchain platforms, and rely on the carelessness of some users. A typosquatter can therefore collect a fairly large percentage of "lost" visitors on their site. Besides the money the typosquatter makes by showing ads, the most dangerous thing for users is that when they enter their name and password on the fake website, thinking it is the original, the scammer obtains confidential data that gives further unauthorized access to other people's information or, for example, to funds in cryptocurrency wallets. In most developed countries this type of fraud, like cybersquatting, is illegal and punishable by law.
In 2009, this type of fraud was especially common on sites in Cameroon. The domain of this country is .cm, and the popular international domain is .com; as we can see, the difference is only one letter. Typosquatters registered many sites in the .cm domain that were essentially fake copies of sites in the .com domain. They were created only to fraudulently obtain secret information about the user or to show them ads.
Additionally, authorities in the Netherlands and London recently arrested a whole group of cybercriminals who managed to earn more than $27 million through typosquatting.
As we see, attackers actively use this type of attack. Only the development of more effective protection methods will help reduce the vulnerability of blockchain networks.
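A defensive check for the .cm/.com confusion described above, as an added example that is not part of the original article: it classifies domains seen in mail or proxy logs against a list of protected names. The protected list, the sample domains and the function names are all constructed for illustration.

```python
# Added example (not from the article): classify observed domains against a
# list of protected names. PROTECTED and all sample domains are constructed.
PROTECTED = ["example-exchange.com", "examplewallet.com"]

def edit_distance(a: str, b: str) -> int:
    """Optimal-string-alignment distance: insert, delete, substitute, swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            val = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                val = min(val, prev2[j - 2] + 1)  # adjacent letters swapped
            cur.append(val)
        prev2, prev = prev, cur
    return prev[-1]

def split_domain(domain: str):
    """Split 'name.tld' into (name, tld); subdomains stay part of the name."""
    name, _, tld = domain.lower().rstrip(".").rpartition(".")
    return name, tld

def classify(candidate: str, protected=PROTECTED, max_dist: int = 2):
    """Return (verdict, protected domain it imitates or None)."""
    cand = split_domain(candidate)
    legit_parts = {split_domain(d): d for d in protected}
    if cand in legit_parts:
        return "legitimate", legit_parts[cand]
    for (name, tld), legit in legit_parts.items():
        if cand[0] == name:
            return "tld-swap", legit          # the .cm versus .com case
        if cand[1] == tld and edit_distance(cand[0], name) <= max_dist:
            return "typo", legit
    return "unrelated", None

if __name__ == "__main__":
    for seen in ["example-exchange.cm", "exampel-exchange.com",
                 "examplewalet.com", "example-exchange.com", "news-site.org"]:
        print(seen, classify(seen))
```

The same function can run over newly registered domain feeds so that look-alike registrations are noticed before users land on them.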
Did you know that the Sybil attack is named after the heroine of a book who had dissociative personality disorder? It was first described by Microsoft researcher John Douceur in 2002. It is a method of attack in which a large number of nodes on the network belong to a hacker who, by creating fake transactions or manipulating trustworthy transaction data in transit, tries to cause a system crash. Blockchain developers anticipated this type of attack, so protection against it was built into the design of the cryptocurrency system. For example, Bitcoin counters this type of attack through the proof-of-work (PoW) algorithm, which requires a node to spend a lot of resources to obtain coins, which means that running many nodes is very expensive. For attackers it turns out to be too expensive to be worthwhile. Therefore, not a single case of a successful Sybil attack on crypto platforms has yet been recorded. However, in the future, hackers may find more effective methods.
A 51% attack occurs when cybercriminals gain control of more than 50% of the total hash power on the network and can therefore create their own controlled blockchain, which becomes the main one. This means that an attacker can freely cancel already completed transactions and carry out double-spending attacks, in which the same cryptocurrency is sent twice without the network noticing. (This scheme is known as double spending, or reselling the same assets.)
Despite the great difficulty of carrying out a 51% attack and its high cost, there have already been several successful attacks on crypto platforms. In August 2016, the Krypton and Shift blockchains suffered 51% attacks. In January 2019, the Ethereum Classic blockchain fell victim to hackers. They managed to steal $1.1 million and transfer the cryptocurrency to Coinbase.
Although this type of attack is more likely on networks where the cost of capture is more affordable than on larger networks like Bitcoin, experts predict that such attacks will grow. Therefore, blockchain networks must implement protection methods that make it impossible to take control of the computing power.
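Why the 50% threshold matters for anyone accepting payments, as an added example that is not part of the original article: it evaluates the attacker catch-up probability from the Bitcoin whitepaper (section 11) and derives how many confirmations a recipient should wait for a given attacker hash share. The function names and the 0.1% risk threshold are illustrative choices.

```python
# Added example (not from the article): double-spend risk versus attacker
# hash share q and confirmation depth z, using the catch-up probability
# from the Bitcoin whitepaper. Names and the risk threshold are illustrative.
import math

def attacker_success(q: float, z: int) -> float:
    """Probability that an attacker with hash share q overtakes z blocks."""
    p = 1.0 - q                      # honest share
    if q >= p:
        return 1.0                   # with a majority the attacker always wins
    lam = z * q / p                  # expected attacker progress
    total = 1.0
    poisson = math.exp(-lam)         # Poisson term for k = 0
    for k in range(z + 1):
        total -= poisson * (1.0 - (q / p) ** (z - k))
        poisson *= lam / (k + 1)     # next Poisson term, no huge factorials
    return total

def confirmations_needed(q: float, risk: float = 0.001, limit: int = 1000):
    """Smallest depth z with success probability below `risk`, else None."""
    for z in range(limit + 1):
        if attacker_success(q, z) < risk:
            return z
    return None                      # no safe depth (q is at or above 50%)

if __name__ == "__main__":
    for share in (0.10, 0.30, 0.45, 0.51):
        print(f"q={share:.2f} confirmations={confirmations_needed(share)}")
```

On a small network where hash power is cheap to rent, q can approach 0.5 quickly, which is why exchanges raise confirmation requirements for such coins.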
Most of the world's online traffic passes through Internet Service Providers (ISPs), which act as intermediaries. Since you need the internet to work with cryptocurrencies, in an attack carried out through a router a hacker intercepts the data on its way to the provider: logins and passwords, emails, instant messages, and so on. The worst thing is that with this type of attack, users do not notice the unauthorized interference. With access to confidential information, attackers carry out fraudulent financial transactions worth millions of dollars.
According to a study by ETH Zurich, only 13 providers host 30% of Bitcoin's networks, and 3 providers route 60% of all traffic through the network. Therefore, cybercriminals can intercept 20% of bitcoin transactions simply by splitting a node.
As far as we know, no such attacks have taken place yet, and it is possible to defend against them.
Distributed denial of service (DDoS) attacks
This is one of the most common attacks on the Internet. In a DDoS attack, attackers flood a server or host with large amounts of traffic, overloading it with a flow of requests. As a result, legitimate requests for information cannot get through, leading to a service failure.
In the case of cryptocurrencies, a scammer who creates thousands of fake or small transactions can try to disconnect a node by rebooting it.
However, although large networks are constantly subject to DDoS attacks, the Bitcoin network is quite well protected, as the architecture of this network is aimed at reducing damage in such cases. With a successful DDoS attack, the information is not stolen: the network temporarily stops working.
In June 2015, Coinwallet.eu conducted a "stress test" of the Bitcoin network, flooding it with thousands of small transactions. The objective was to show that an increase in block size was necessary (the discussion about changing the block size was ongoing at the time), since in the situation at the time it was very easy to carry out a large-scale spam attack on the network. From 2015 to 2017, there were several more attempts to send spam to the Bitcoin network.
Since Bitcoin was the first blockchain, many other networks have adopted similar security protocols, making this attack more difficult.
The human factor and cryptographic vulnerabilities
I would like to add that the human factor is the greatest vulnerability. So far, the main loss of funds has occurred due to bugs in the cryptocurrency’s own software.
This was the case with the Ethereum DAO, which was launched in 2016 on the blockchain. The hackers found a loophole in a system that did not record the sending of money. They took advantage of the opportunity to trick the system: by continuing to request funds from different accounts many times, the attackers managed to steal more than $50 million in cryptocurrency.
Ethereum developers wanted to use a soft fork and a cashback plan, but once the plan was developed it became clear that it would not help. They then had to solve the problem with a hard fork: they rewrote the blockchain records from a point before the attack. As a result there were two chains: Ethereum Classic (ETC), a continuation of the original Ethereum blockchain in which the DAO hack remained, and simply Ethereum (ETH), where the hack did not exist.
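The bookkeeping flaw described above, as an added example that is not part of the original article and is not the DAO's contract code: a simplified Python model of a vault that pays out before recording the withdrawal, beside a hardened version that records first, with a regression test that re-enters `withdraw` from the payout callback. All class, account and function names are hypothetical.

```python
# Added example (not from the article, not the DAO's code): a toy model of
# paying out before the withdrawal is recorded. All names are hypothetical.

class VulnerableVault:
    def __init__(self):
        self.balances = {}   # per-account credit
        self.pool = 0        # funds actually held

    def deposit(self, who, amount):
        self.balances[who] = self.balances.get(who, 0) + amount
        self.pool += amount

    def withdraw(self, who, on_receive):
        amount = self.balances.get(who, 0)
        if amount == 0 or self.pool < amount:
            return
        self.pool -= amount
        on_receive(amount)            # recipient code runs here ...
        self.balances[who] = 0        # ... before the payout is recorded

class HardenedVault(VulnerableVault):
    def withdraw(self, who, on_receive):
        amount = self.balances.get(who, 0)
        if amount == 0 or self.pool < amount:
            return
        self.balances[who] = 0        # record the payout first
        self.pool -= amount
        on_receive(amount)            # a nested call now sees a zero balance

def reentrancy_regression(vault_cls, max_reentries=10):
    """Return (paid to caller, funds left) when the callback re-enters."""
    vault = vault_cls()
    vault.deposit("other-users", 90)
    vault.deposit("caller", 10)
    received = []

    def callback(amount):
        received.append(amount)
        if len(received) < max_reentries:
            vault.withdraw("caller", callback)

    vault.withdraw("caller", callback)
    return sum(received), vault.pool

if __name__ == "__main__":
    print("vulnerable:", reentrancy_regression(VulnerableVault))
    print("hardened:  ", reentrancy_regression(HardenedVault))
```

A test of this shape belongs in a contract's audit suite: the hardened ordering must leave the caller with exactly their own deposit no matter how often the callback re-enters.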
Thus, the conclusion is that blockchain vulnerability has more to do with the way people use the technology than with the way it is built. The technology itself has fairly good protection, but its supporting elements are much less well protected. The security of wallets, exchange procedures, and third-party service accounts is a serious concern.
Blockchains successfully defend against the attacks described above, which are mainly theoretical in nature, but there is no protection against people's carelessness. People are to blame: they use the same password everywhere, they swap employees, website operators make mistakes, and so on. So the crypto economy's point of failure is precisely the person. As we better protect and process our information, network security should increase.