- How the 51 Percent Hacking Attack Occurred
- A Cardinal Vulnerability
- The Statcounter Hacking Attempt
- A Bearish Crypto Market to Blame
- Hash Power for Rent Is a Great Contributor
The Ethereum Classic hack recently made headlines after hackers successfully launched a 51 percent attack on the blockchain and made away with over $200,000 worth of the digital currency.
Gate.io was particularly affected, but the hackers apparently returned a portion of the loot. According to a report released by Gate.io, about $100,000 worth of the Ethereum Classic digital currency was returned.
The company speculates that the perpetrator may have been a white-hat hacker who wanted to demonstrate the vulnerabilities of the Ethereum Classic network.
How the 51 Percent Hacking Attack Occurred
A 51 percent attack is contingent upon one entity controlling over half of the prevailing hash rate on a network. The attacker can halt transactions, reverse them, or rewrite the blockchain history.
In the Ethereum Classic hacking case, the hackers rented enough hashing power to undermine the prevailing one and then carried out a heist after launching a double-spend attack. The incident occurred on January 7 and was sustained for four hours. All transactions were confirmed during the attack, and passed the validity test, but became invalid after the hack was over.
Coinbase was able to thwart the hacking attempt on its network in time by pausing transactions involving the Ethereum Classic cryptocurrency. The site reportedly discovered 12 double-spend instances on the network totaling about 219,500 ETC valued at just over $1 million.
A Cardinal Vulnerability
That said, the 51 percent attack vulnerability is sine qua non to proof-of-work networks. Normally, a blockchain is maintained by honest miners who further the honest chain. However, nodes with overwhelming computing power will have the ability to overwrite a blockchain.
According to the latest report, Gate.io has implemented a 51 percent detect as an extra protection measure. The platform has also raised transaction confirmation figures to 4,000.
Seven rollback transactions were detected on the Gate.io platform and four were used by the attacker to transfer 54,200 ETC. The company notified other exchanges of the addresses used by the hacker and announced that it would reimburse affected clients. At the time of the incident, Ethereum Classic had a value of about five dollars.
The Statcounter Hacking Attempt
In November last year, Gate.io also suffered a hacking attempt via Statcounter. Malicious code was injected into the Statcounter script that had been embedded on the site. The code was designed to capture transactions made on the platform, particularly withdrawals, and replace receiving addresses with those belonging to the hacker.
Statcounter is an analytics script similar to Google Analytics that monitors visitor activity. In this case, hackers modified it for use as an intrusion tool. Gate.io was apparently able to disable the script on its platform in time, effectively curtailing the attempt.
A Bearish Crypto Market to Blame
The precipitous decline in crypto prices has accentuated the risks of 51 percent attacks on cryptocurrency networks. Many nascent cryptocurrencies are now vulnerable due to reduced mining profitability that has edged out a significant number of miners. This has led to a fall in hash rates making it easy to obtain enough hash power to beset a network.
Fewer miners mean a falling hash rate, which in turn makes it cheaper for cyber-criminals looking to rent computing power targeting a cryptocurrency network. Right now, it theoretically costs about $249,824 an hour to launch a 51 percent attack on Bitcoin at the hash rate of 38,063 petahashes per second. Actual figures are bound to be much higher.
That said, it is almost impossible to launch such an attack on the Bitcoin network. Firstly, it has a considerably high hash-rate, requiring a huge number of miners. In all, it has over one million miners and is much more decentralized due to the growth and diversification of the network over the years. There’s also the insurmountable hurdle of convincing over 500,000 miners to direct their hash power to initiate a 51 percent attack.
Such a plan would not be feasible. Some of the most vulnerable blockchains to a 51 percent attack include Ethereum Classic, Bytecoin, MonaCoin, Litecoin Cash, and Dash. This is according to Crypto51 App.
In 2018, coins such as Litecoin Cash, Monacoin, Zencash, Bitcoin Gold, and Verge had their blockchains hacked through this mode. Over $1.8 million in Bitcoin Gold was stolen during its attack. The attack on Verge also yielded the attackers some $2.7 million worth of the digital currency.
Hash Power for Rent Is a Great Contributor
The rise of marketplaces offering hash power for rent has also increased the likelihood of 51 percent attacks. Such platforms provide an array of large-scale mining capabilities that can help attackers instigate an attack without having to buy hardware.
Crypto exchanges can avert such an attack by, for example, increasing the number of required confirmations needed to validate funds. Older mined digital coins are typically buried in layers of confirmed blocks. This makes them safer to handle.
In regards to the Ethereum Classic attack, Litecoin (LTC) creator, Charlie Lee, has highlighted that 51 percent attacks are part of the core attributes of a decentralized cryptocurrency, asserting that if a coin isn’t susceptible, it isn’t decentralized.
This is a thought-provoking observation. ????
By definition, a decentralized cryptocurrency must be susceptible to 51% attacks whether by hashrate, stake, and/or other permissionlessly-acquirable resources.
If a crypto can’t be 51% attacked, it is permissioned and centralized. https://t.co/LRCVj5F0O1
— Charlie Lee [LTC⚡] (@SatoshiLite) January 8, 2019
A debate as to whether a 51 percent attack was really supposed to be among the cornerstones of a democratically sentient crypto ecosystem ensued. Some argued that such vector attacks sometimes led to crypto investments and are generally a nuisance to the larger community.
Another school of thought is that a consensus-based platform should be able to allow the rule of the majority, in this case, those who control the most hashing power. A few also pointed out that the decentralization of a blockchain is useless if not secure.
A proof-of-stake solution has been touted as the answer to the 51 percent attack vulnerability that affects proof-of-work coins. It allows the entity who owns over 51 percent of the coins on a network to control the blockchain.
Acquiring such a substantial amount of coins would require purchasing them, subsequently causing an increase in prices. This would be incredibly hard to pull off, especially if a cryptocurrency has a huge market cap.
It is expected that 51 percent attacks on cryptocurrencies will increase in 2019 as current market conditions embolden hackers with access to significant hashing power.
(Featured Image Credit: Pixabay)
Never Miss Another Opportunity! Get hand selected news & info from our Crypto Experts so you can make educated, informed decisions that directly affect your crypto profits. Subscribe to CoinCentral free newsletter now.