Security Bitcoin and blockchains remains a hot topic. Losing Bitcoin as a result of theft and fraud is a painful experience. In the past, hacks of cryptocurrency exchanges led to the loss of hundreds of thousands of bitcoins. In other cases, crypto-wallet application vulnerabilities allowed hackers to steal bitcoins from unsuspecting users.
Hackers and thieves can steal bitcoins and other cryptocurrencies. There is no doubt about it. But what about blockchain? Can you hack the blockchain? Or could you use blockchain malware?
Is it possible to hack the blockchain?
Blockchain technology is touted as a replacement for everything from banking to passport control, industrial supply chain tracking, international customs inspections, and more. While blockchain technology can help in such situations, it is by no means a panacea or a magic bullet. There is an important unifying factor in each of these hypothetical use cases: safety.
Before companies, governments and other organizations begin to implement blockchain and cryptocurrency technology, the security of this technology requires careful study.
It was believed for a long time that blockchains cannot be hacked. The only situation where you could hack a blockchain was a 51% attack. And completing a 51% attack was considered difficult.
How does the attack on 51% work?
The security of the blockchain lies in the verification of the network. Blockchain remains secure because every miner checks the block hash. If the blocks are forged, the hash of the block does not match and the miners of the cryptocurrency and the network may reject the block.
The power of blockchain lies in decentralization. Miners checking blocks do not directly control the network. But they play a vital role in making the network work properly.
The network remains secure until one entity controls more than 50% of active nodes. If one entity controls more than 50% of the network, it can prevent new transactions from being processed, suspend payments altogether, and potentially engage in double spending on cryptocurrency.
However, one of the common misconceptions about 51% of attacks is that the attack could create new bitcoin (or cryptocurrency belonging to the blockchain under attack). It is also highly unlikely (read: almost impossible) that an attacker could modify previously checked blocks.
51% attack sounds difficult. Controlling more than 50% of the nodes on the same network should take time and resources. Unfortunately, this is not as difficult as you might think. Check out the short and recent history of 51% of attacks to see how often this type of blockchain hack occurs.
Using blockchain vulnerabilities
A 51% attack is not the only problem that blockchain technologies face. The complexity of blockchain technology means that developers sometimes embed vulnerabilities directly into the blockchain. When a vulnerability exists in a blockchain, it is only a matter of time before someone discovers it.
In February 2019, the Zcash development team revealed that it fixed " subtle cryptographic flaw "In the Zcash protocol. Although no hacker exploited the Zcash vulnerability, an attacker could have used it to create an unlimited number of fake Zcash tokens.
Can you roll back the blockchain?
There are other examples of blockchain and cryptocurrency developers who inject vulnerabilities into their platforms, such as the DAO hack (which caused the Ethereum network to roll back) and the unsuccessful bitcoin hit (which caused the Bitcoin network to roll back after the hacker created 92 billion bitcoins). )
In early 2019, the Ethereum network was planning a major upgrade. Just prior to the release of the update, smart contract security firm ChainSecurity told the Ethereum development team that the update could be disastrous. The planned upgrade will leave existing smart contracts on the Ethereum blockchain open to the same type of error that led to the DAO hack.
In the early days of cryptocurrency, network rollback was difficult, but could achieve easier agreement between network nodes and other participants. Examples of Bitcoin and Ethereum blockchains are prime examples.
More recently, the idea of rolling back the blockchain to counter hacking has met with resistance. In mid-2019, the Binance exchange crashed, losing over $ 40 million worth of tokens. Binance CEO Changpeng Zhao has publicly discussed the rollback of the Bitcoin network to counter theft and recover funds in the process.
Although rollback is a serious problem for large networks such as Bitcoin and Ethereum, smaller blockchains successfully rolled back after breaking the blockchains.
In July 2014, there was a violation on the MintPal exchange. About 8 million Vericoin were stolen during the break-in, which is about 30% of the total Vericoin supply. Given the implications of a single hacker holding so much of the stolen cryptocurrency, the Vericoin development team decided to roll back the blockchain for a hard fork. (Unlike a soft fork, which does not break the blockchain.)
.@MintPalExchange was my favorite exchange until the #VeriCoin rollback / hack debacle / mystery. The UI was fine. I miss that old MintPal.
- Mr Coins ⚡️ (@CryptoDabbler) October 15, 2014
Is there any malware on the blockchain?
Cryptocurrency hacks specifically designed for blockchain are rare. Blockchain technology is considered secure as it implements a wide range of security protocols and cryptographic primitives. It was costly to rollback Vericoin, but it was not an attack on the blockchain itself. Rather, an exchange whose blockchain transaction records created an issue that the Vericoin developers fixed with a blockchain rollback and a hard fork.
Distribution of malware across the blockchain is difficult for a number of reasons. The blockchain transaction size is very small, usually tens of kilobytes. Consequently, any malware must comply with the blockchain size limits, making it difficult to develop malicious software.
Distribution of malware using blockchain is difficult. However, blockchain technology has other uses for malware. The Glupteba malware uses the bitcoin blockchain to receive updates and commands, allowing developers to quickly respond to any commands and manage server hacking. Instead of reconfiguring the entire malware control structure, the malware developer simply updates the script.
В Trend Micro Blog It tells how the Glupteba variant uses bitcoin transactions to bypass security software.
Can you crack the blockchain?
Back to the original question: can you hack the blockchain? Blockchain technology has vulnerabilities like any other major technology. And like other technologies, most of the vulnerabilities that blockchain technology expose stem from human error.
Blockchain hacking is not the only way that criminals and malware affect cryptocurrencies. Malicious malware steals your CPU power to mine crypto, while criminals use Bitcoin to launder ransomware proceeds.