Swap Tracker
Ruth Kise 7 min read

Various Kinds of Crypto Hacks and Why They Happen

Various Kinds of Crypto Hacks and Why They Happen

Let’s remind ourselves that the cryptocurrency financial system is still under development and is far from ideal. Many of the DeFi pros turn into cons that scammers are always happy to use. So recently, there is more and more news like 'platform hacked in a flash-loan attack' without explanation or with technical explanations. In the article, we will try to clarify this type of attack and other ways how blockchain can be hacked.

Flash-Loan Attack

Although the topic of flash loans is still developing, a number of large-scale attacks have already been carried out. Because flash loans have no limits on amounts and require no collateral, millions of dollars in ETH can be borrowed to make a significant profit.

To better understand the process, let's consider the very phenomenon of a flash loan, the principles of its operation, and its usage.

Flash Loan is a tool by which DeFi users can borrow a large amount of funds in digital assets without collateral for a period of time. A loan without collateral means that members do not have to provide proof of income and other liabilities.

Such a risk-free loan works somewhat like this: the lender lends you as much money as you like, but only for one particular transaction. By the end of this transaction, you must return to the lender as much as you have borrowed.

If you are unable to do so, the transaction will be automatically canceled! In other words, a loan is atomic: if you cannot repay it, everything goes back, as if there was no loan.

The most common method of using flash loans for profit is arbitration. This is a process that uses the difference in asset prices in two different markets.

Another method of making a profit is a "wash trade". This type of trading involves making purchases and selling an asset to increase trading volume. In traditional markets, such a procedure is prohibited.

Flash Loan attacks can be successful if an attacker can manipulate the market to a certain extent. These attacks are carried out by arbitrating pumps and dumps and/or manipulating oracles. They are cheap to execute since attackers do not take on monetary obligations.

Typically, these attacks are complex, multi-step processes executed by highly experienced DeFi users. In many cases, they involve depleting liquidity pools that ordinary users have invested in, causing many people to incur significant losses.

Next, let's look at several more common attacks on the blockchain.

51% Attack 

The most commonly known threat to the blockchain network. The name of the attack is an analogy with a controlling stake in the business sphere. The problem lies in the Proof-of-Work protocol, which is used by projects such as Bitcoin, Litecoin, Monero, and others. Its essence is that several miners with significant hashrate can get a "controlling stake" in the network, that is, they will have more than a half of all the network’s hashrate.

Such conditions allow a hacker to carry out a double-spending attack, in which he can spend a larger amount than he has in his wallet. As a result, the blockchain is seized, and all the participants' funds are transferred to the ownership of hackers. In large networks, the chance of such an attack is several times lower due to the large number of participants and expensive equipment.

Finney Hack

The first recipient of the bitcoin transaction was Hal Finney and he was the first to talk about launching bitcoin. He was also the first to suggest the possibility of a double attack on the network. For this reason, the attack was named Finney Hack or Finney Attack in his honor.

Finney Hack is a type of double-spending attack, which can happen when a person accepts an unconfirmed transaction online. Finney explained that the miner could generate a block in which he would include a transaction from address A to another address B, where both addresses belong to him. You will then make another payment in the same currency by sending from address A to address C (which belongs to another user).

If the specified user accepts a transaction without confirmations from the network, a scammer can free the block in which his original transaction is included. This invalidates the transaction committed by the trader, allowing the attacker to double the cost.

Race Attack 

Another type of double consumption. Inexperienced and hasty traders can give the goods, even if the transfer failed, since there was a transaction attempt. Some sellers use "express payments" without the necessary confirmation for small amounts. In the wallet of the receiving party, such a transaction will be "in processing," and the addressee will have "not confirmed."

A fraudster can convert such a transfer: send the transaction both to the seller's node and to his address on the network, broadcasting to the blockchain only the second one. The last transaction will be considered valid during the check, and the first transfer will be invalid.

To prevent such an attack, it is not recommended to accept incoming connections to the node and wait for several transfer confirmations (3 confirmations for the amount from $1000 to $10,000, 6 from $10,000 to $ million, and for even larger transactions up to 60 confirmations).

Eclipse Attack

A special type of cyber attack, when a hacker forms an artificial area near one node to control his actions. The attacker redirects outgoing and incoming data from the target node to its own, separating the deceived user from the real network.

The isolation of the target node allows confirming illegal transactions on its behalf and cut it off from messages with neighboring nodes the hacker does not need to hack the entire network, it is limited to a small set of nodes. To block the node, a botnet or a phantom network is used to fill the node with IP addresses for synchronization on the next connection.

The consequences of an eclipse attack are usually double-spending attacks, which have already been mentioned above, as well as a miner power failure when a hacked user spends electricity and time solving problems of artificial blocks that do not exist in the real blockchain network.

Cryptographic Vulnerability Attacks

Cybersecurity experts say as one that the most vulnerable place in any system is a person and scammers use this fact. Another consequence of the human factor is called errors in the code, having discovered which, an attacker can break the entire network.

As an example, on Ethereum, a fraudster discovered a security loophole in the source code and assumed about $50 million in the coins, which amounted to about 30% of the total coin volume at the time. Because of the incident, the community split into two groups. The first, led by the creator of Ether, was outraged by the theft, offering to make a hard fork and return the coins to the legal holders. Their opponents were convinced that the real owner of the coins was now a hacker ("The code is the law"). As a result, the community came to an agreement to create a soft fork. 

Social Engineering Crypto: Phishing

These techniques rely on human vulnerabilities, not the technical prowess of a potential hacker. It is used to gain (unauthorized) access to sensitive data, cryptocurrency wallets or accounts, or to induce victims to download malware onto computers and networks to enact further damage. Such techniques include phishing, baiting, quid pro quo attacks, pretexting, and tailgating.

Phishing is one of the most popular of them. It is used to steal private keys, card numbers, bank accounts and other confidential data. The simplest version of cryptocurrency phishing is the good old spam mailings of emails allegedly sent by this or that web service. In this case, letters are sent on behalf of cryptocurrency wallet sites or exchanges. 

Such fake messages look noticeably more detailed and neatly written than phishing messages on average. For example, this may be a security alert that says that recently someone tried to log into your account from such and such and such a browser follow the link to check if everything is in order. The user himself could configure and accept the reception of such messages on the wallet website and he will not notice anything unexpected or even more wrong.

Conclusion

As you can see, the crypto market is full of danger. In the article, we described only a few types of potential fraud. Creators are constantly working to improve security protocols. But while the system is not ideal, it is worth remembering the possible risks and not taking the bait. 


Related Posts

Cryptocurrency Wallet Types: Pros And Cons

Cryptocurrency Wallet Types: Pros And Cons

June Katz 7 min read
In order to store crypto and increase the security level of your funds, you can use a cryptocurrency wallet. They have a higher level of protection in comparison with the crypto exchanges. In this article, you will get to know about the advantages and disadvantages of crypto wallets and get acquainted with their varieties and the most popular ex
Read more ❯
The Biggest Cryptocurrency Thefts in the Last 10 Years

The Biggest Cryptocurrency Thefts in the Last 10 Years

June Katz 11 min read
In this article, we will try to remember all the major cryptocurrency thefts over the past 10 years. 1. Bitstamp hack , $5.3 mln ( BTC ), January 4th, 2015 On January 4, 2015, the operational hot wallet of Bitstamp announced that it was hacked by an anonymous hacker and 19,000 Bitcoins (worth of $5 million) were lost. The initiatio
Read more ❯
Public And Private Keys

Public And Private Keys

June Katz 2 min read
As well as fiat, cryptocurrencies need to be stored securely. That’s what we need these keys for. In this article, we will tell you what private and public keys are and how they are used. What are private keys? A private key is a number that is encoded in different formats depending on which wallet you are using. In each format, the private
Read more ❯
Blockchain Consensus Algorithms and Their Varieties

Blockchain Consensus Algorithms and Their Varieties

June Katz 5 min read
This article is written for beginners who are just starting to learn the crypto world. We want to help you a little. As you might have guessed, this article will be about blockchain consensus algorithms . On the blockchain market, there are a lot of consensus algorithms allowing us to choose what is the most relevant node for signing
Read more ❯

Where all instant exchangers met for your smoothest experience

Maximize profits, minimize search

Tags

cryptocurrencies

Recent Posts

Cryptocurrency Wallet Types: Pros And Cons
Cryptocurrency Wallet Types: Pros And Cons

Cryptocurrency Wallet Types: Pros And Cons

June Katz 7 min read
In order to store crypto and increase the security level of your funds, you can use a cryptocurrency wallet. They have a higher level of protection in comparison with the crypto exchanges. In this article, you will get to know about the advantages and disadvantages of crypto wallets and get acquainted with their varieties and the most popular ex
Read more ❯
The Biggest Cryptocurrency Thefts in the Last 10 Years
The Biggest Cryptocurrency Thefts in the Last 10 Years

The Biggest Cryptocurrency Thefts in the Last 10 Years

June Katz 11 min read
In this article, we will try to remember all the major cryptocurrency thefts over the past 10 years. 1. Bitstamp hack , $5.3 mln ( BTC ), January 4th, 2015 On January 4, 2015, the operational hot wallet of Bitstamp announced that it was hacked by an anonymous hacker and 19,000 Bitcoins (worth of $5 million) were lost. The initiatio
Read more ❯
Public And Private Keys
Public And Private Keys

Public And Private Keys

June Katz 2 min read
As well as fiat, cryptocurrencies need to be stored securely. That’s what we need these keys for. In this article, we will tell you what private and public keys are and how they are used. What are private keys? A private key is a number that is encoded in different formats depending on which wallet you are using. In each format, the private
Read more ❯
Blockchain Consensus Algorithms and Their Varieties
Blockchain Consensus Algorithms and Their Varieties

Blockchain Consensus Algorithms and Their Varieties

June Katz 5 min read
This article is written for beginners who are just starting to learn the crypto world. We want to help you a little. As you might have guessed, this article will be about blockchain consensus algorithms . On the blockchain market, there are a lot of consensus algorithms allowing us to choose what is the most relevant node for signing
Read more ❯
Exchanges and Exchangers
Exchanges and Exchangers

Exchanges and Exchangers

June Katz 3 min read
There are several ways to swap digital currency in the cryptocurrency market. The choice is between the exchanges and swap services, or exchangers. Both offer a wide range of digital currencies , a lot of altcoins at an affordable cost. So what is the difference? Where it’s better to exchange Bitcoin – on crypto exchange or the excha
Read more ❯