Tangemを購入

How the blockchain gets hacked: Attacks on decentralized networks

Blog_attack.png

The blockchain – a distributed ledger that functions as a database – is a much more reliable solution for storing information and conducting transactions than centralized databases. Despite this, it can also be hacked, and attempts are made with worrying frequency. Attacks on decentralized networks vary in nature, but in most cases they are aimed at exploiting loopholes in the consensus mechanism and gaining control over the blockchain hash rate. This allows the malicious actors to change the data in the registry, create havoc and steal cryptocurrency.

In this article we’ll look at how people attack the blockchain and what the 

The 51% attack

The 51% attack is the main threat to blockchains. It applies to networks that use the proof-of-work consensus algorithm.

The basic idea involves taking control of more than 50% of the computing power, or hash rate, of the network. The consequences are similar to owning a controlling stake in a company: you can make any decisions and do whatever you want with the company you own the shares in. In the case of the hash rate, this means you control 51% of the computing power of the blockchain.

If attackers take control of more than 50% of the mining power, they can change the order of transactions, void transaction confirmations, and prevent other miners from mining crypto. In short, they can create chaos and bring about network failures. They can also cause problems under the radar, such as by spending the same cryptocurrency several times (double-spending).

How do they get so much power? There are several options, including renting a lot of mining equipment and taking control of – or even setting up – a mining pool. Another option is duping other miners or going down the completely illegal path of running a mining botnet with the help of malware.

Nevertheless, using this method to attack a large blockchain such as Bitcoin, where the network has a very large number of nodes, and the mining equipment and electricity costs are huge, is almost impossible. It’s also not worth it. Small projects, however, are not immune to this type of threat.

Several networks have suffered 51% attacks, including ZenCash (ZEN), Litecoin Cash (LCC), MonaCoin (MONA), Verge (XVG) and Bitcoin Gold (BTG).

After carrying out a 51% attack, attackers can exploit every single protocol vulnerability. In general, however, they are hoping to double-spend.

The successful attack on the ZenCash (ZEN) network in 2018 brought the attackers $550,000. They were able to double two significant transactions worth 13,000 and 6,600 ZEN respectively. The attack lasted for 110 blocks and 4 hours, though its cost to the network was minimal compared to the stolen coins, at around $30,000.

Another example is Ethereum Classic, which was attacked three times in 2020 by a hacker who had rented computing power from the NiceHash service. Between July and August, the ETC hash rate fell sharply and the attacker took advantage. They rented a GPU with a hash rate of over 51% of the entire Ethereum Classic network, meaning they could double-spend over 1 million ETC – this was worth more than $9 million at the time.

The cost of renting the hash rate was hundreds of thousands of dollars, so the precise final “profit” is unknown.

Unfortunately, there are quite a few similar stories.

Double spending

The double spending problem emerged long before the blockchain and cryptocurrencies. The bottom line is that, when exchanging one item for another, if you don’t complete the transaction in that moment and promise to hold up your end of the deal later, there is always the risk that you won’t have it further down the line. You could in theory provide a document promising payment (a contract, scrip etc.) to two or three counterparties, despite the fact that the asset being promised only exists in a single copy. This is double-spending. On the blockchain, the principle is exactly the same.

Double spending occurs when an attacker spends the same coins two or more times. For example, a user who has 1 BTC sends it to several counterparties at once and receives something in exchange. On the other side of the equation, only one person actually receives this 1 BTC.

When the network is working properly, only one transaction will receive the approval of the majority of nodes, and this is what usually happens. Security measures are built into blockchains to prevent this type of attack. Nevertheless, there is still a risk of double spending.

There are different ways of gaining the opportunity to double-spend, with the 51% attack serving as one example. When an attacker takes control of more than half of the hash rate, they can generate new blocks independently, make changes to them, and reject certain transactions while confirming the “necessary” ones.

atack_img.png

This example shows that attackers have created a fork on the main chain and were able to confirm false transactions while five legitimate ones were processed.

During this time, it would be possible to send coins to a crypto exchange with transactions requiring 1–5 blockchain confirmations, sell them and then receive a different cryptocurrency or fiat in return.

Later, when the “window of attack” closes, the series of false blocks will be discarded, but for the attacker the picture looks as follows: they put their tokens on an exchange and sell them, but when the blockchain restores consensus, they still have all of those coins on the original blockchain. What they sold was in fact "fake" cryptocurrency.

Finney attack

The Finney attack is named after the first recipient of Bitcoin, Hal Finney, who was also the first to suggest the possibility of double-spending cryptocurrencies on the blockchain.

The Finney attack is a variant of the double spend that can occur when a counterparty accepts an unconfirmed transaction. The essence of this attack lies in the fact that a miner can generate a block and include a transaction in it from their address "A" to another of their addresses, "B", but without immediately broadcasting it to the network. Next, they need to execute another transaction from address "A" to address "C", which belongs to another user. If this user accepts the transaction without network confirmation, the scammer broadcasts the previous block containing the first transaction. The transaction from address "A" to address "C" therefore becomes invalid, and the attacker receives a double benefit.
Race attack
This type of attack is a competition for speed between two transactions. A scammer sends the same coins from the same address from different devices to two different recipients devices simultaneously. Both recipients send their goods or cryptocurrencies, but the one that takes place second is invalidated.

This attack is only possible if an unconfirmed transaction is accepted by the merchant. All that’s required to avoid falling for the tricks of these “racers” is waiting for at least one confirmation of the operation.

Sybil attack

This attack is named after Sybil, the main character in Flora Rheta Schreiber’s book of the same name, which tells the story of her treatment for dissociative identity disorder. The idea behind it is that hackers populate a network with nodes under their control, before “surrounding” a victim’s node in such a way as to control all transactions. This is almost impossible to do on major networks like Bitcoin, since nodes essentially select other network nodes randomly when confirming transactions. This is why Sibyl attacks usually target new crypto projects. When connecting to the network, a node may not know the IP of trusted nodes and instead requests them. If the request reaches the attacker's node, they can send the addresses of the nodes they control in response.

This can allow the hacker to:

  • Block the user’s transactions, effectively disconnecting them from the main blockchain;
  • Decide which block to “connect” the user to (these are usually blocks where double-spending is taking place);
  • Track all of the user’s transactions. 

In short, the nodes controlled by the attacker can persuade other nodes to approve incorrect data.

Selfish mining

Blockchains running on PoW have a vulnerability that dishonest miners can exploit: the possibility of confirming several blocks at the same time.

If two blocks are generated at the same time and linked to the previous ones, the blockchain will fork into two chains. Forking makes the blockchain architecture more complex and slows down transactions, which is why miners are required to immediately broadcast confirmation data to other nodes after confirming blocks so that there is no conflict between blocks.

Despite this, so-called selfish miners hide this information from other network participants and mislead the "honest" nodes, which continue to generate a new chain of blocks and thereby increase the length of the network’s fork.

Let’s say a selfish miner mined block 2,001, but didn’t broadcast this information to the network. The remaining nodes continue to mine new blocks starting from 2,000. This means that there are now two blocks with a claim to being the 2,000th: one from an honest miner, and another from an attacker. Both of these blocks are associated with their own block 2,001.

The fraudsters continue to generate blocks and add them to their chain, which lengthens accordingly. The hackers then transmit data about the block 2,001 that they have mined, the network recognizes that it was found first, classifies the selfish chain as valid, and discards the blocks that were added by honest nodes during the same period. As a result, the honest miners don’t receive rewards and their power is wasted.

Routing attacks

These attacks are not directly related to security issues on the blockchain itself. Instead, they exploit vulnerabilities in the connection protocols of internet service providers (ISPs). By gaining access to the protocol, a hacker can publish false routes. Notably, this type of attack can be used to double-spend. If you delay the delivery of new blocks, they will not be visible to the network, creating a window during which the crypto can be double-spent.

Exploiting smart contract vulnerabilities


Smart contracts are coded by people, and people make mistakes. Hackers therefore attempt to take advantage of these errors.

All kinds of vulnerabilities can be found in smart contracts. It could be a complex problem that is very difficult to detect, or perhaps a typo in the code. One way or another, any mistake leaves open the possibility of losing millions of dollars.

In a report dated 30 June 2023, the Web3 security company Beosin reported that the total value of cryptocurrency lost through fraud, hacks and scams in the first half of 2023 was $656 million. Most (56%) of the stolen cryptocurrency was lost due to smart contract vulnerabilities.

It isn’t just vulnerabilities in the smart contracts themselves that can lead to blockchain hacks, but also the language in which they are written. On 30 July 2023, four Curve Finance liquidity pools were hacked as a result of a vulnerability in Vyper, the programming language used to write smart contracts for the Curve exchange. Curve Finance is a decentralized exchange with automated market maker technology (AMM DEX), and the main stablecoin liquidity hub in DeFi. In total, about $60 million was stolen, although $20 million was stolen by white hats and the money was returned to Curve. Most of the damage occurred as a result of a hack in the main CRV/ETH pool, which was drained of all its liquidity (about $40 million).

DDoS and time-dilation attacks

DDoS attacks are not carried out in order to steal crypto, but to damage crypto projects and discredit startups. They involve sending a huge number of useless, “dust” transactions to the network, which complicates its operations, slowing down the transfer of data, blockchain updates and the creation of new blocks in the chain.

Attacks on private keys

To ensure the confidentiality of data transmission in public channels on the blockchain, asymmetric encryption technology is used, namely cryptography with private and public keys. These private and public keys are linked by a mathematical algorithm. If you know a user's public key, you can encrypt a message for them, which they can read by decrypting it with the private key. If you have the private key, you can use it to figure out the public key – the reverse, however, is not true.

Private keys provide full access to all of a user’s crypto assets, which is why attackers want to access them.

The easiest way to gain access to a private key and its associated cryptocurrency is through a seed phrase, which can be acquired by simply stealing a piece of paper containing a mnemonic code, or other methods such as social engineering and phishing attacks.

To securely protect your private key and, accordingly, all of your crypto assets, you can entrust its storage to Tangem Wallet. The Tangem crypto wallet doesn’t use a seed phrase, which means it cannot be stolen. The private key is generated and stored on the chips of two or three cards (the main card and backup cards), where it remains and from which it is impossible to extract. 

Conclusion

It’s important to be aware that the blockchain is currently facing many threats, including all of the high-profile attacks listed above, as well as problems with specific networks such as errors in the programming code, encryption methods and more. Hackers are looking for these loopholes and trying to take advantage of them, by identifying vulnerabilities in the code of smart contracts, exploiting the weaknesses of blockchain technology itself, and attacking cryptocurrency exchanges.

There are other forms of attack which are, for now, purely hypothetical:

  • Cannibalism among pools (the destruction of a pool to disrupt the operation of the blockchain);
  • The P + epsilon attack: according to Vitalik Buterin, this is one of the most unsettling issues on PoW networks, and involves giving a bribe of sorts to other network participants in exchange for their support for proposed changes to the blockchain;
  • Timejacking (attempts to manipulate the timestamps of transactions).

For now, it appears that hackers are not interested in these attack strategies.

There is only one solution to everything we’ve discussed – continually working to improve the security mechanisms of decentralized networks. Experience shows, however, that the higher the level of protection, the more sophisticated the methods of bypassing it miners come up with. This is a battle that will probably go on forever. In the world of traditional finance, ATMs are hacked, money is stolen from credit cards, and banks are robbed. There is no such thing as a 100% security guarantee.