Even The Most Secure Blockchains Are…
By Sandeep Kasalkar
Often we tend to overestimate how secure a blockchain is. Although security is built into every aspect of blockchain technology, even the most secure blockchains are vulnerable to attacks from contemporary cybercriminals. The attacks on Ronin, Binance, Coincheck, Wormhole, PancakeBunny and the Beanstalk exchange, which have seriously damaged the credibility of the blockchain itself, have previously been examined by experts.
Blockchains can withstand conventional cyberattacks quite well, but hackers are developing new techniques expressly for compromising blockchain technology. Let’s examine the most major blockchain assaults to date as well as the key attack vectors used to target blockchain technology.
Blockchain network attacks
A blockchain network consists of nodes that carry out transactions, establish new ones, and offer other services. For instance, the Bitcoin network is made up of miners that add authorised transactions to blocks and nodes that send and receive transactions. The following sorts of attacks are used by cybercriminals to take advantage of network weaknesses.
1.Distributed Denial of Service
DDoS attacks aim to knock down a server by overloading it with requests, which is how they want to bring down a blockchain network. DDoS attacks target e-wallets, cryptocurrency exchanges, mining pools, and other financial services on a network. DDoS attacks using DDoS botnets can potentially be used to hack a blockchain at the application layer.
2.Transaction Malleability attacks
A transaction malleability attack aims to deceive the target into making two payments. Every transaction on the Bitcoin network has a hash, which serves as a transaction ID. If an attacker is successful in changing a transaction’s ID, they may try broadcasting the transaction to the network with a modified hash so that it is confirmed before the original transaction. If it is successful, the sender will think the initial transaction was unsuccessful, but the money will still be taken out of his or her account. Additionally, the same amount will be deducted twice if the sender repeats the transaction. Once the two transactions have been verified by miners, the hack is complete.
3.Timejacking
A hacker compels a node to accept an alternate blockchain by changing the node’s network time counter during a timejacking attack. A malevolent person can accomplish this by adding numerous fictitious peers to the network with false timestamps. However, by utilising the node’s system time, a timejacking attack can be avoided.
Routing attacks
An assault on the routing protocol might affect the network as a whole or specific nodes. This hack aims to alter transactions before they are sent to peers. As the hacker separates the network into sections that cannot connect with one another, it is practically impossible for other nodes to notice this tampering. In reality, routing assaults are two distinct attacks:
- A partition attack, which separates the groups of network nodes
- A delay attack, that interferes with communications as they are propagating and sends them to the network.
Sybil attacks
A Sybil attack is set up by giving a node many identifiers. Every request is forwarded to several nodes in blockchain networks because there are no trusted nodes.
A hacker seizes control of numerous network nodes during a Sybil assault. The victim is then encircled by false nodes, who stop all their transactions. The victim thus becomes vulnerable to double-spending attacks.
Eclipse attacks
A distributed botnet or extensive IP address control are requirements for an eclipse attack. The attacker then replaces the addresses in the victim node’s “tried” database and waits for the victim node to resume. All incoming connections from the victim node will be routed to the attacker’s IP addresses after resuming. This prevents the victim from getting the transactions they want.
You need to login in order to Like
