Different types of attacks on blockchain
Reports of new database hacks appear in the news on a regular basis. Blockchain is regarded as a more secure technology. But it can also be attacked. We've compiled a list of the most common types of blockchain attacks.
Blockchain is an innovative technology and information security tool, but as you know, no technology or software is completely secure. Blockchain is also not an exception. Attacks on distributed registers differ in hacking methods and are mostly aimed at exploiting "gaps" in the consensus mechanism for monopolistic control of the hashrate or individual structural elements of the infrastructure — nodes. This kind of control makes it possible to change the data that is submitted to the registry and temporarily create transactional chaos in order to steal coins.
51% Attack
It is the most common danger facing blockchains. The name of the attack was derived from the analogy of holding a controlling stake or number of votes in the world of large corporations. This attack affects Proof-of-Work blockchains that use cryptocurrencies such as Bitcoin, Litecoin, Monero, and others.
The attack entails one person or a group of individuals controlling a sizable portion of the hashrate, typically more than 50% (over the mining capacity used for coin emission). This gives attackers the ability to reorder transactions, delete them, or prevent them from being confirmed. Additionally, attackers try to stop other miners from mining new coins. Such actions are intended to cause an artificial network failure. For example, deleting transactions allows attackers to use cryptocurrency multiple times, a practice known as double-spending.
The blockchain is actually "captured" as a result of such an attack, and there is a chance that all participant funds will end up in the attackers' possession. The likelihood of an attack is currently very low in large networks like Bitcoin because of the high number of participants (nodes) and relatively expensive mining equipment. Small networks with a small number of validators, unfortunately, are not immune to this.
Blockchains of coins such as Zencash (ZEN), Litecoin Cash (LCC), MonaCoin (MONA), Verge (XVG), Bitcoin Gold (BTG), and a number of Ethereum blockchains such as Krypton and Shift were affected by the 51% attacks.
Eclipse attack
This is a type of blockchain attack in which an attacker focuses his efforts on controlling a single node or an entire group by redirecting outgoing and incoming data to his own nodes, thus isolating the deceived user from the real network and actual data. The specifics of this type of attack have previously been described.
Sybil attack
This is a larger attack format than the previous one and is most commonly used in peer-to-peer systems with equal participants. This method was named after a well-known case of a woman suffering from dissociative personality disorder. Nodes experience similar effects as a result of Sybil's attack.
Attackers join forces and attempt to gain control of a sizable portion of network nodes in order to launch an attack. Attackers try to bring down the network by manipulating valid transactions and generating invalid (false) ones once they have taken control of enough nodes. The Sybil attack was first described by Microsoft expert John Dossier, who believes that the blockchain cannot distinguish between physical and "virtual" network nodes. Following that, attempts were made to develop and implement mechanisms for recognizing and identifying the equipment on which the nodes are deployed, but the results were not as expected.
The damage from such an attack can range from artificial manipulation of the node owner's rating to vote falsification. If successful, the attacker can disconnect a group of real nodes from the network, replacing them with virtual counterparts. Under certain conditions, this can facilitate a 51% attack in order to do double spending and gain control of all transactions via specialized software.
This type of attack is a priori impossible on the Bitcoin blockchain due to the algorithm's requirements for the creation of new blocks. Sybil's attack on the blockchain of the first cryptocurrency is economically unprofitable because, according to the consensus algorithm's rules, the capacity to create a block is equal to the computing power of the Proof-of-Work mechanism.
Finney attack
Hal Finney is known to have been the first person to receive a Bitcoin transfer. He is one of the most likely candidates for the title of Bitcoin's creator, hiding his identity behind the pseudonym Satoshi Nakamoto. The idea that a blockchain attack might occur was also first put forth by him. As a result, it was dubbed "Finney's attack" in his honor.
This is another type of double spending attack that is based on an unconfirmed network transaction. Finney predicted that any miner should be able to generate a block containing a transaction from address A to address B, where both addresses belong to the same person. He will then make a transfer in the same currency by sending coins from address A to address C, which belongs to another user. And if the recipient of the transfer accepts the transaction without confirmation from the network, the attacker can free the block where his original transaction was included. As a result, such a transfer would be rendered invalid, allowing the attacker to double spend.
Race attack
This is yet another example of a threat of double spending. Inexperienced and hasty sellers risk selling a product or service as a result of a failed funds transfer by simulating a payment attempt. Some entrepreneurs accept micropayments for small amounts without waiting for confirmation. A fraudster may attempt to imitate such a transfer by simultaneously sending a transaction to his own network address and the seller's address, exposing only the first transaction to the blockchain. During the check, the last transaction will be considered valid, while the first (slower) will be invalid.
It is not advised to automatically accept transactions at the node level without holding out for at least a few confirmations in order to avoid such an attack.
Vector76 attack
The attack, also referred to as the "single confirmation attack," received its name from a Bitcointalk forum user going by the handle Vector76, who in 2011 shared a precise description of this double-spending technique. The synergy of "Race attack" and "Finney attack" is the foundation of this type of attack.
To counteract such a threat, drop incoming connections to a node and only send outgoing connections to authenticated nodes. To carry out the attack, the attacker must sacrifice one block that will not be exposed to the general network and will only go to the victim's node.
The following conditions must be met for the attack to succeed:
- use the wallet to withdraw funds with the condition of one confirmation of the network;
- get permission from the wallet provider for direct incoming connections to the node;
- the victim node must have a static IP address.
Cryptographic Attacks
Nobody has resolved the "human factor" problem. The most high-profile case occurred when a fraudster discovered a vulnerability in the Ethereum blockchain's source code and stole coins worth approximately $50 million (nearly 30% of the total coin emission at the time). The community divided into two groups as a result of this unfortunate event. Outraged by the theft, the first group, led by the well-known Ethereum co-founder, proposed performing a hard fork to return the coins to their rightful owners. However, opponents from another group held the view that the hacker was already the rightful owner of the coins because of the unwritten rule that "the code is the law." As a result, both groups were able to reach an agreement and decide to create a soft fork.
In conclusion
There are other types of attacks, but we've covered the most well-known ones in this article. Node owners and blockchain designers should be aware of the aforementioned threats and take steps to reduce the risks associated with their implementation.