There are several cryptocurrency attacks in the Crypto ecosystem such as the Sybil attack, Double-Spend attack, etc. 51% attacks occurred on two big crypto networks, Bitcoin Gold and ZenCash in 2018. The total amount stolen was over $18 million from both networks.
The ZenCash attack could appear unachievable for such a big company, as the computing power of Zen was incredibly high during the attack. Yet, there was a team of investors directing over 50% of the hash rate who benefited from it.
A while before, but with increasingly significant losses, blockchain developers disclosed formally that Bitcoin Gold has its hash rate acquired by an anonymous miner who withdrew almost 338,000 of crypto cost $18.8 M. Upon gaining short-lived power over the network, the criminal transferred the assets to several crypto platforms, sending them to his or her wallets simultaneously.
Assuming the network was not hacked, the process would have been nullified, but disruption of the network gave the hacker permission to incorporate the necessary transactions into the main blockchain.
A month earlier, criminals staged the same attack on Verge company amounting to ¼ of its finances. Research on probable attack risks proposes that, in theory, Bitcoin might also be attacked, for malicious miners to oversee the network.
It can be related to the majority shareholder: an individual (a set of people with initial agreement), managing more than half of a cryptocurrency computing power, can do anything alongside the network.
Put simply, computing power is the algorithm of mathematical computations that enables crypto mining; that is solving tasks and obtaining rewards for such effort. The better the hash rate, the better the probability to compute the needed value to create a new block, that offers a reward to miners (fundamentals of PoW consensus algorithm).
At the first level, when virtually no one has an interest in crypto, it is not an issue to gather every generating power; from an economic standpoint, it has no meaning; but is a reliable means of destroying the competitors.
Thus, 51% attack for new companies is like a feasibility test. But big companies are attacked as well. For instance, bitcoin can be supposedly managed when the whole batch of BFL ASIC (mining equipment) is purchased. The only concern is it needed?
Yes, it will offer absolute control of the network, but after a major selling-off (if not, why should the network be hacked?), the coin’s value will decline. Who will want to buy such cryptocurrency knowing that an attack occurred? Also, the equipment is so costly, so the bitcoin 51% attack is simply a hypothesis.
The issue is that it can be achieved and the challenge of probable attacks on Bitcoin or Litecoin has not been solved. As we can see from that of Verge, criminals can also stage attacks indirectly, discovering simpler ways to do so.
The ZenCash hack was not vivid. What analysts said was that there is a likelihood that the hackers had adequate hash power themselves, or it was rented for a while. Asides from that, the attack’s value was quite small, and therefore, the likely issue is experienced, firstly, by minute coins, using PoW technology.
Safety measures set up to prevent 51% attack have not been finalized. One of the remedies is to improve the number of validations and suspending the equipment of miners, responsible for the attack.
For instance, after Feathercoin’s attack, the number of validations for Bitcoin rose from 6 blocks to 100. Bitcoin Gold creators proposed that the platform should increase the number of validations to about 50 blocks.
Although, it simply makes the attack very complex, but does not take away the likelihood. Criminals only have to obtain more hash power. The rate of ZenCash wasn’t influenced by the attack, unlike as experienced with other coins.
Other instances of these attack are:
- Krypton and Shift, both blockchains that rely on ETH, experienced 51% attacks in 2016. Almost 22,000 in value of crypto was stolen via double-spending by an assembly of fraudulent miners, with the name “51 Crew”.
- In 2014, ghash.io (a mining pool) shortly oversaw almost 55% of the BTC network computing power. Then, cryptos were not that renowned, so one of the big pools acquired entry to the network resources, however for a little time.
The pool in no time voluntarily lessened its share of the network, so it couldn’t attain 40%, but the rate was down by about 25%.
As we know that criminals are now having much interest in big cryptos infers that an imminent threat is becoming stronger. Double-spending, a very typical effect of 51% attack, is currently enlisted as a distinct kind of attack. It is further divided into some categories, like Race attack or Finney attack.
They conceive the same objectives, to carry out double-spending and validate only the necessary, fraudulent transactions.
Sybil attack is the next most frequent kind of cryptocurrency attack. It occurs when a criminal generates several IPs and loads the network using controlled blocks meant for illegal acts. A fraudulent user aims to hover the intended block by multi controls to oversee every transaction in either direction.
In big projects like Bitcoin and alike cryptocurrencies, it becomes tedious to stage such an attack, as the user’s nod selects the network nod to validate the transaction randomly. The chance of being surrounded is hardly the case, but it still occurs.
These attack type most affects new cryptocurrencies of a 2nd tier and the susceptibility is that anytime a user is establishing a connection with the network, it can’t identify the IP of verified nodes and has to demand it.
In the case that the demand gets to the attacker’s nod, the user obtains corrupted data. The issue is heightened on the basis that the decentralization concept doesn’t give room for the generation of a lasting list of verified nods. So, a user has to find new verified nods every time.
Though the connection procedure is haphazard, a criminal can stage it for the user’s journal to include only the hacker’s IP.
DDoS attacks & delays in time
A DDoS (distributed denial-of-service) attack is not purported for economic benefits. Instead, it is a fraudulent attempt to destroy a company or halt the entire network.
Hackers are submerging their prey or its encompassing infrastructure using a flush of internet traffic, and thus affect the typical traffic of a server, delay the data relay, the generation of new blocks, and network updates.
Every project has a type of protection from DDoS attacks. For instance, bitcoin network has inbuilt protection from these attack types; few cryptos deduct little commission charges which take out faux transactions developed by bots.
A big flush of “spam” payments leads to a spike in commissions and IOTA experienced a horrible DDoS attack in 2017.
Crypto attacks are held every time; at times, they are profitable. Criminals spot the code deficiencies, exploit the weakness of blockchain technology, and even disrupt the cryptocurrency platforms and what happens thereafter is not positive.
The majority of probable attacks are theoretical as they have no benefit to criminals but their likelihood and the attacks that have occurred earlier infers that the coin is not that safe. The stability might move to either side.
How to stay ahead of Cryptocurrency Attack
Although there are several ways to step ahead of the curve securing your cryptocurrencyy exchange and applications, using a secure cryptocurrency wallet is your best bet. A secure cryptocurrecny wallet is a kind of crypto wallet that gives you access to your digital keys, viz BC Vault wallet and other hardware wallets.