A summary of blockchain attacks
Introduction
The blockchain is one of the most exciting technologies that has come out of the cryptocurrency movement. Sadly, I seem to find all-too-often that people consider it to be the silver bullet to cure all (cyber) ailments. While it's too early to tell how far this technology will go, there's no doubt that it has potential. However, in order to truly understand the blockchain and its future potential, you need to understand how it works and how it can be attacked. I've listed a few attacks, but I'm sure there are more...
Using rare words:
Rare words are the old-school way of producing a hash that can be used to validate your block. A common word like “hello” will produce the same hash every time, but even if you use an uncommon word like “pneumonoultramicroscopicsilicovolcanoconiosis” it's not going to be very secure because it's too easy for someone else to find out what that word is.
To produce a good hash, you need something rare—but also something familiar enough so people know what it means (or at least how to pronounce it). The idea is that even though everyone knows what a rare word would be in general, nobody has ever seen this specific one before (and won't see it very often again).
If you want some inspiration for finding rare words, there are plenty of places online where people write about interesting concepts: Wikipedia has pages for many languages and topics; Urban Dictionary has definitions for just about everything under the sun; and Google Trends shows which search terms have been trending over time.
51 percent attack
A 51 percent attack is a situation where one entity has more than 50 percent of the mining power on a blockchain. This allows them to create new blocks and alter the blockchain. It's possible to reverse the effects of a 51 percent attack, but it requires coordination among miners and nodes on the network—it's not something that can be done by one person alone.
Sybil attack
A Sybil attack is a type of attack in which a single entity creates multiple identities to gain an unfair advantage. The more identities the attacker creates, the more likely they are to succeed.
The attacker's goal is to manipulate the system. They might want to:
Rainbow table
DDoS attack
A DDoS attack, or distributed denial-of-service attack, is an attempt to make a machine or network resource unavailable to its intended users. In this case, the attacker typically employs one of many methods to flood the resources with useless traffic from multiple sources. The result is that legitimate users can no longer connect to the service in question. This type of attack has been used for years by cybercriminals and other hackers looking to disrupt online services.
There are multiple types of DDoS attacks but they all work in similar ways:
Signature forgery
Signature forgery is the act of forging a digital signature. For example, a malicious user might be able to sign off on your transactions without you knowing about it.
Because public-key cryptography does not use unique signatures, it’s possible for someone else to manipulate your transactions by using their private key instead of yours.
Shallow hash chain attack
A shallow hash chain attack is a method of gaining control over the network by selectively targeting nodes that have not been updated. The attacker sends two transactions, a payment and an authorization, to two different nodes. Both transactions include the same amount, but only one transaction has a correct address for the receiver. The attacker then waits for both transactions to be confirmed—a process which takes about ten minutes on average (depending on the size of their wallet).
Once this occurs, they send another transaction with no funds associated with it (called an empty payment). This transaction includes in its “hash” data field information from one of the previous transactions; when it is processed by miners, they will have no choice but to accept this empty payment as valid because it looks like any other valid transaction due to its inclusion of cryptographic proof-of-work evidence that confirms its authenticity via cryptographic signatures attached at every step along every link in its blockchain history chain.
Exploit chain attacks
Attackers can exploit whatever vulnerabilities they find in the blockchain that are exposed to them, and this is what we call an exploit chain attack. An exploit chain attack is simply a sequence of exploits that leads to a successful attack on the blockchain.
An attacker will start with one vulnerability, use it to gain access to restricted data and resources on your network, and then leverage those resources to gain access to more data or even more privileged accounts. This could happen over several steps or one leap—it all depends on how bad the initial vulnerability was and how well secured your system is by default.
Malicious hashing algorithm attacks
Hashing algorithms are used to verify data and ensure that it hasn't been tampered with. Hashing algorithms take input, run it through a process, and produce an output.
In a malicious hashing algorithm attack, the attacker takes advantage of this function by providing their own input—which may be harmless or malicious—to the hashing algorithm. If you're using an insecure hashing algorithm that allows for easy modification of the output, then you could end up with malware on your computer.
The best way to prevent this kind of attack is by using strong cryptographic hashes in software that uses them as part of its security protocols (such as Bitcoin wallets).
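How a strong hash exposes tampering in a chain of blocks, as an added example that is not part of the original article: each block stores the SHA-256 of its predecessor, and the verifier also compares the newest block against a tip hash obtained from a trusted source. The block layout, the function names and the sample records are assumptions constructed for illustration.

```python
import copy
import hashlib
import json
from typing import Optional

GENESIS_PREV = "0" * 64


def block_hash(block: dict) -> str:
    """SHA-256 over a canonical JSON encoding of the block's fields."""
    payload = json.dumps(block, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(payload).hexdigest()


def build_chain(records: list) -> list:
    """Link each record to the hash of the block before it."""
    chain, prev = [], GENESIS_PREV
    for index, data in enumerate(records):
        block = {"index": index, "data": data, "prev_hash": prev}
        chain.append(block)
        prev = block_hash(block)
    return chain


def first_mismatch(chain: list, trusted_tip: str) -> Optional[int]:
    """Index of the first block whose hash disagrees with the commitment that
    follows it (the next block's prev_hash, or the trusted tip), else None."""
    if not chain or chain[0]["prev_hash"] != GENESIS_PREV:
        return 0
    for i in range(len(chain) - 1):
        if chain[i + 1]["prev_hash"] != block_hash(chain[i]):
            return i
    if block_hash(chain[-1]) != trusted_tip:
        return len(chain) - 1
    return None


if __name__ == "__main__":
    # Constructed sample records, not real transactions.
    chain = build_chain(["alice->bob 5", "bob->carol 2", "carol->alice 1"])
    tip = block_hash(chain[-1])
    edited = copy.deepcopy(chain)
    edited[1]["data"] = "bob->carol 200"
    print("untouched:", first_mismatch(chain, tip))   # None
    print("edited   :", first_mismatch(edited, tip))  # 1
```

If the later links are recomputed after an edit, the chain is internally consistent again and only the comparison against the trusted tip catches the change.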
Confirmation time-jacking attack/race condition attacks
The other big attack vector is time-jacking, which involves making multiple transactions on a block and extracting more money from it than you put in. This can be done by sending many transactions with abnormally high fees (which will be picked up by miners) and then canceling them before they are confirmed. The trick is that if you send enough of these transactions quickly enough, you can get more money out of a block than was originally there.
Race condition attacks involve taking advantage of how blocks are created to extract more funds from them than should be possible if everything were working correctly. For example, if I know that Alice has 10 bitcoins but am aware that she hasn't yet confirmed any transactions on the blockchain since buying those 10 bitcoins one day ago but plans on doing so tomorrow morning at 9 am PDT (Pacific Daylight Time), then I could begin mining a block containing a transaction sending 2 bitcoins from my wallet immediately after 9 am PDT today—and because this would happen before Alice had finished confirming her own transaction(s), I could use this transaction as part of my new block instead when creating my own version! This means that when Bob tries validating his version tomorrow morning at 9 am PDT he'll end up using both versions instead of just one like he normally would... and now all 3 versions exist simultaneously: your old one; mine (containing an extra 2 BTC); and Alice's new one (containing only 1 BTC).
Conclusion
The blockchain is a powerful tool, but it’s also not immune to attacks. While I'm fascinated to see how it will evolve, at the same time, I'm conscious that we sometimes expect it to solve problems it wasn't designed (nor able) to resolve.