Recently, five cryptocurrencies – Bitcoin Gold,Monacoin, Verge, Zencash and Litecoin – have been attacked, at least theoretically if not actually.
It was found that the attackers garnered substantial computing power to hit the smaller networks, manipulate their transactions, and make off with millions of dollars. In other words, it has been the perfect bank heist through cryptocurrencies.
What happened exactly?
Investigations revealed that nearly 51 percent of the attacks were conducted by a notorious vector that attacks cryptocurrencies. A study conducted by the New York University revealed that these attacks could increase, and soon.
Cryptocurrencies have been wanting to solve the problem of “double spend” for quite some time now.
Messaging networks were not able to perform as money systems without creating incentives for computers to prevent and monitor bad behavior. In other words, they can’t stop someone from using common data multiple times simultaneously without the help of a 3rd party to carry out such illegal activities.
Hackers use this attack vector to pilfer money by double spending transactions under a few specific conditions. They need to work on their hashing power, which could yield them the millions they intend stealing. Their aim has always been to target those exchanges that have huge reserves of cryptocurrency.
By amassing a substantial portion of the hashing power of a network, an attacker double spent two very large transactions transmitted to the exchange. Zencash, for instance, was attacked three times and the attacker made off with 21,000 ZEN, which was worth in excess of $500,000 when it was written.
Attackers are even known to exploit insecure rules that confuse networks into giving them money and usually target the verge’s lower layer of protocol.
Why is it happening?
It has been observed that the smaller coins are more frequently attacked because they attract fewer miners. Moreover, it’s far easier to rent or buy computing power that’s necessary for building up a network’s majority share.
Moreover, as mining marketplaces continue to grow, users can rent the appropriate hardware instead of buying it, set it up and run it easily. This enables the attackers to buy huge amounts of mining power easily without having to part with money or time for setting up their personal miners. Attacking becomes easier as marketplaces amass excess hashing power.
What is the solution?
If exchanges or users accept only older money, or money buried by multiple transactions blocks, known as “confirmations,” or increase their hashing power, the problem could be tackled. The more confirmations made, the harder it is to steal funds. Bitcoin, for example, has upped its confirmations to 50 from 5 and plugged the outflow.