According to trusted cybersecurity firm Group-IB, 51 percent attacks on cryptocurrency projects are on the rise. Thus far in 2018, the firm has tracked 5 successful 51 percent attacks, with hackers claiming almost $20 million in profits, The Next Web reports.
This is the first time we have seen a series of 51 percent attacks in crypto. Group-IB could not find a report of a single instance of a 51 percent in 2017. The full Group-IB report reveals that the total $19.5 million stolen from unsuspecting cryptocurrency projects this year largely took place between April and June.
One of the biggest threats to traditional blockchain networks, a 51 percent attack occurs when a single entity takes control of over 50 percent of the overall mining power in a Proof-of-Work (PoW) blockchain.
“They can be either carried out by one miner with a large number of computers or a group of miners forming a mining pool,” Group-IB told The Next Web. “Control over 51-precent [sic] of the network power itself is not necessarily an attack — unless there has been intentional use of this advantage.”
Once control over a network’s hashrate is achieved, hackers can wreak havoc by stopping transaction verifications, suspending mining, and preventing other miners from verifying transactions. A 51 percent attack also highlights one of the biggest risks in digital money systems: double-spending.
Double spending is the process by which a single digital token can be spent more than once. It is in many ways similar to creating counterfeit money. In the case of a 51 percent attack, hackers can create entirely unique blockchains, hidden from view, wherein they can freely verify false transactions. Group-IB told The Next Web that this is the greatest threat to PoW blockchains.
“It is possible to double spend even without controlling this much network power,” Group-IB explains. “However, control over 51-percent is an absolute guarantee that the fraudster’s block is recognized as correct.”
51 Percent Attacks in 2018
In 2018, hackers successfully attacked and subsequently crippled a number of small altcoin projects. A bug in Verge was used by hackers in both April and May to cash out more than a million dollars worth of cryptocurrency, while at the same time refusing to process other token holder transactions.
In June, Zen cryptocurrency lost $550,000 through a 51 percent attack that lasted only 4 hours. A similar attack happened to Litecoin Cash later that month.
However, the biggest attack this year was on Bitcoin Gold, which lost 388,000 BTG ($18 million) in May after a “malicious miner” took control of the BTG network. The attack quickly resulted in US-based exchange Bittrex delisting Bitcoin Gold from its exchange due to security concerns.
“Cybercriminals can get high rewards and steal lots of money by attacking small and unknown cryptocurrencies,” a Group-IB spokesperson told Hard Fork. “It is just technically easier to compromise relatively unknown cryptocurrencies, which usually do not have the capacity for the rapid response necessary to stop the attacker converting stolen funds to a more stable currency.”
The Next Web reports that planning a 51 percent attack requires a large investment on the part of hackers. These funds are usually garnered from traditional mining rewards. In the case of the ZenCash attack, hackers needed at least $30,000 to snatch the over half million dollars from the attack.
A website specializing in how much it would cost hackers to execute 51 percent attacks on some of the biggest crypto networks reveals some shocking statistics. According to crypto51.app, an attacker could take control of the Bitcoin hashrate for an hour for only $530,000 and Ethereum for just $150,000.
Group-IB recommends that the best defense for smaller crypto projects wanting to protect themselves against a 51 percent attack is to use encryption algorithms not typically adopted by large virtual currencies.
“This would allow to avoid the scenario where a mining pool is compromised and has negative effects on other cryptocurrencies that use the same algorithms,” Group-IB concludes.
Unhashed.com is author of this content, TheBitcoinNews.com is is not responsible for the content of external sites.
Our Social Networks: Facebook Instagram Pinterest Reddit Telegram Twitter Youtube