Blockchain is a new technology and a product of freedom. A relatively fair anonymous free world is constructed through consensus mechanisms, cryptography, and programming languages. Openness, transparency, and freedom are its slogan, but at the same time vulnerabilities and malicious attacks coexist with it. So what attacks have occurred in the history of blockchain? Let's take a brief look together.
DAO Attack
The DAO attack should be said to be a famous name in the chain. After all, the DAO attack almost destroyed Ethereum at the time. This attack was not a classic nominal attack but was named after an event. On June 17, 2016, a group of hackers attacked The DAO network and stole about 3.64 million ETH. On that day, the price of Ethereum plummeted by 50% and suffered heavy losses. The Ethereum team carried out a hard fork on July 20 to save losses, so now Ethereum has two chains ETC (Ethereum Classic) and ETH (Ethereum).
DAO attack hackers simultaneously exploited two attack vulnerabilities, one is to call splitDAO function recursively; the other is to destroy assets from THEDAO asset pool after DAO assets are separated. Generally, after DAO assets are separated, TheDAO asset pool will destroy this part of DAO assets, but the attacker transfers his DAO assets to other accounts before the end of the recursive call, so as to avoid this part of DAO assets from being destroyed.
Double Spend Attack
In simple terms, a double-spend attack means spending a single sum of money twice, because the consensus of the blockchain is that the longer chain is the main chain, and the data of the short chain is automatically invalidated. If Xiaohong transfers 200FIL to you, you transfer the equivalent RMB to Xiaohong's bank card, and the 200FIL transaction is generated on the chain. But Xiaohong owns 51% of the computing power of the entire network. After the transaction is received, he opens a new main chain to invalidate the block containing your transaction. In this way, Xiaohong does not lose any coins but gets a sum of money. It can be spent again, so this type of attack is called a double-spend attack.
The most famous double-spending attack in the blockchain was that in 2018, a malicious miner temporarily took control of Bitcoin Gold (BTG), and quickly withdrew coins after depositing coins on the exchange, stealing 388,200 BTG, worth up to $18.6 million. On the evening of March 18, some media claimed that Filecoin suffered a double-spending attack, which was finally confirmed as a false alarm.
Witch Attack
A witch attack generally refers to a network node constantly changing its identity through disguise, so that other nodes in the same network mistakenly believe that it is a different node. When the number of disguised nodes reaches a certain number, we think that a successful witch has been initiated. attack. Just like in "Legend of Lu Xiaofeng", Sikong picks up the stars through the means of disguise, changing into different identities to achieve his own purpose of "exploring things". In the P2P network, the behaviors of swiping votes, ranking, and reading volume can all be regarded as sybil attacks.
Many projects will be protected against witch attacks at the beginning. The perpetrators have to control the consensus mechanism of their network and have to pay a high cost. Therefore, there is no need to worry about witch attacks on some classic blockchain projects such as BTC, ETH, and FIL. , But the new project has insufficient network computing power and insufficient nodes, and the probability of successful sybil attacks on them will be much higher.
Dust Attack
To put it simply, a dust attack is to track the user's life trajectory through data to obtain the user's real information and relationship network; or to continuously send small transactions on the chain to block the message pool. It is generally difficult for users to notice changes in the amount of tokens below 0.000001 in the wallet address. Some malicious miners will attack users by sending a small amount of tokens to the wallet. Because the amount is small, this small amount is called " dust".
In late October 2018, the developers of Bitcoin Samourai Wallet announced that some of their users had suffered dust attacks. The Samourai Wallet team then implemented real-time alerts for dust tracking and a "no-spend" feature that allows users to flag suspicious funds.
Phishing Attack
As the name suggests, a phishing attack is to put bait to bite the fish, and then eat and wipe the bones. Not only do we usually have this kind of fraud in our daily lives, but the chain is also the same. Generally, we will pretend to be an official person to provide the exact information of the victim through telephone, email, social media and other channels to gain the trust of the victim and obtain the user's private key. Money transfer.
On February 19, 2018, a hacker organization in Ukraine stole more than 50 million U.S. dollars worth of numbers from the well-known cryptocurrency wallet Blockchain.info by purchasing keyword advertisements related to cryptocurrency in the Google search engine, disguising as a legitimate website Cryptocurrency.
Some of the attacks in the blockchain are aimed at project parties and miners, and some are aimed at exchanges and individual users. Attacks against project parties and miners are generally technically pre-judged in advance to avoid incidents, which are incidents with a small probability; for attacks launched by exchanges, generally mature exchanges will have a dedicated team to ensure security and reduce Probability of its occurrence; for attacks against individual users, it is hoped that users can remain vigilant, and each piece of information related to it should be treated with caution, and do not easily trust others or websites to give their own credentials or private keys. No technology is absolutely safe, and malicious attacks do not only exist in the blockchain industry. To view attacks from an ideal perspective, it is both a destruction and a cornerstone.
Directly, I need you a rate about "LIKE ??"! THANK YOU My Friends! ??
