Back to Course

3. Advanced Course

0% Complete
0/0 Steps
  1. 1. What is Taproot?
  2. 2. Blockchain bridges – what are they?
  3. 3. What is Ethereum Plasma?
  4. 4. What is Ethereum Casper?
  5. 5. What is Zk-SNARK and Zk-STARK? 
  6. 6. What is Selfish Mining? 
  7. 7. What is spoofing in the cryptocurrency market? 
  8. 8. Schnorr signatures - what are they? 
  9. 9. MimbleWimble - what is it? 
  10. 10. What is digital property rights in NFT?
  11. 11. What are ETFs and what role do they play in the cryptocurrency market? 
  12. 12. How to verify a cryptocurrency project – cryptocurrency tokenomics 
  13. 13. What is the 51% attack on blockchain?
  14. 14. What is DAO, and how does it work?
  15. 15. Zero-knowledge proof – a protocol that respects privacy 
  16. 16. What is EOSREX?
  17. 17. What is Proof of Elapsed Time (PoET)?
  18. 18. Mirror Protocol – what it is? 
  19. 19. What are synthetic assets? 
  20. 20. How to create your own NFT? 
  21. 21. Definition of DeFi, and what are its liquidations?
  22. 22. New identity system - Polygon ID
  23. 23. Ethereum Foundation and the Scroll protocol - what is it?
  24. 24. What is Byzantine fault tolerance in blockchain technology?
  25. 25. Scalability of blockchain technology - what is it?
  26. 26. Interchain Security - new Cosmos (ATOM) protocol
  27. 27. Coin Mixing vs. Coin Join - definition, opportunities, and threats
  28. 28. What is Ethereum Virtual Machine (EVM) and how does it work?
  29. 29. Soulbound Tokens - what are they, and how do they work?
  30. 30. Definition of LIDO - what is it?
  31. 31. What are Threshold Signatures, and how do they work?
  32. 32. Blockchain technology and cyberattacks.
  33. 33. Bitcoin script - what it is, and what you should know about it.
  34. 34. What is zkEVM, and what are its basic features?
  35. 35. Do confidential transactions on blockchain exist? What is a Confidential Transaction?
  36. 36. Algorithmic stablecoins - everything you should know about them.
  37. 37. Polygon Zk Rollups ZKP - what should you know about it?
  38. 38. What is Web3 Infura?
  39. 39. Mantle - Ethereum L2 scalability - how does it work?
  40. 40. What is the NEAR Rainbow Bridge?
  41. 41. Liquid Staking Ethereum and LSD tokens. What do you need to know about it?
  42. 42. Top 10 blockchain oracles. How do they work? How do they differ?
  43. 43. What are Web3.js and Ether.js? What are the main differences between them?
  44. 44. What is StarkWare, and recursive validity proofs
  45. 45. Quant Network: scalability of the future
  46. 46. Polygon zkEVM - everything you need to know
  47. 47. What is Optimism (OP), and how do its roll-ups work?
  48. 48. What are RPC nodes, and how do they work?
  49. 49. SEI Network: everything you need to know about the Tier 1 solution for DeFi
  50. 50. Types of Proof-of-Stake Consensus Mechanisms: DPoS, LPoS and BPoS
  51. 51. Bedrock: the epileptic curve that ensures security!
  52. 52. What is Tendermint, and how does it work?
  53. 53. Pantos: how to solve the problem of token transfer between blockchains?
  54. 54. What is asymmetric encryption?
  55. 55. Base-58 Function in Cryptocurrencies
  56. 56. What Is the Nostr Protocol and How Does It Work?
  57. 57. What Is the XDAI Bridge and How Does It Work?
  58. 58. Solidity vs. Rust: What Are the Differences Between These Programming Languages?
  59. 59. What Is a Real-Time Operating System (RTOS)?
  60. 60. What Is the Ethereum Rinkeby Testnet and How Does It Work?
  61. 61. What Is Probabilistic Encryption?
  62. 62. What is a Pinata in Web 3? We explain!
  63. 63. What Is EIP-4337? Will Ethereum Account Abstraction Change Web3 Forever?
  64. 64. What are smart contract audits? Which companies are involved?
  65. 65. How does the AirGapped wallet work?
  66. 66. What is proto-danksharding (EIP-4844) on Ethereum?
  67. 67. What is decentralised storage and how does it work?
  68. 68. How to Recover Cryptocurrencies Sent to the Wrong Address or Network: A Practical Guide
  69. 69. MPC Wallet and Multilateral Computing: Innovative Technology for Privacy and Security
  70. 70. Threshold signature in cryptography: an advanced signing technique!
  71. 71. Vanity address in cryptocurrencies: what is it and what are its characteristics?
  72. 72. Reentrancy Attack on smart contracts: a threat to blockchain security!
  73. 73. Slither: a static analyser for smart contracts!
  74. 74. Sandwich Attack at DeFi: explanation and risks!
  75. 75. Blockchain RPC for Web3: A key technology in the world of decentralized finance!
  76. 76. Re-staking: the benefits of re-posting in staking!
  77. 77. Base: Evolving cryptocurrency transactions with a tier-2 solution from Coinbase
  78. 78. IPFS: A new era of decentralized data storage
  79. 79. Typical vulnerabilities and bridge security in blockchain technology
  80. 80. JumpNet - Ethereum's new sidechain
3. Advanced Course 32. Blockchain technology and cyberattacks.
Lesson 32 of 80
In Progress

32. Blockchain technology and cyberattacks.

Blockchain technology itself has built-in security features. It is true that blockchains offer a high level of data protection, however – where there is money, there are hackers and scammers. Despite such high security features and constant work on them, the blockchain market is fraught with problems, especially those related to security.

Cases of hacking attacks on blockchain

Interestingly, in 2021, breaches, however, related to decentralized finance accounted for as much as 76% of all hacks. The third quarter of the same year also had as many as 20% more hacking incidents than all of 2020. Of course – we’re still talking about blockchain.

Hacking attacks on the blockchain usually come from external actors or insiders. Many of the attacks use phishing, social engineering, data attacks or coding errors. Here are five of the most common attacks on blockchain:

  • 51% attacks. We discussed them in detail in one of our lessons. This type of attack occurs when the majority of the network conspires against the minority. If you want to remember what a 51% attack was all about, take a peek at [LINK – WHAT A 51% ATTACK IS].
  • Backdoor and on-ramp exploits. These occur when computers are hijacked for their computing power. This form of cybercrime is compared to a supply chain attack. However, they take advantage of the distributed nature of blockchain.
  • Flash loan attacks. These occur when intelligent contracts (designed mainly to handle flash loans) are attacked to siphon assets elsewhere. Cybercriminals using this method mainly take advantage of unsecured loans, where they can manipulate the input data.
  • Rug pulls. Situations, in which celebrities from the crypto world, create hype around a project and flee with investor funds.

Other cases of attacks on blockchain

Cybercriminals are canny and overly inventive. What techniques are they still using?

  1. Payments. We are mainly talking about the theft of cryptographic keys. Based on this attack, more than $73 million was stolen from the Bitfinex exchange in 2016.
  2. Employees. In 2017, the Bithumb exchange was hacked using an employee’s computer.
  3. As blockchain is unequal – we’re talking about private and public blockchains – the tactics and techniques of cybercriminals are changing.
  4. Corruption, money laundering and lack of regulation blockchain. It is known, centralized bodies can be corrupt. However – intelligent contracts are also not legally binding.  An unclear regulatory environment slows cryptocurrency adoption and allows cybercriminals to flourish in their craft.

Hackers are finding ways to exploit blockchain companies and cryptocurrency exchanges. We know from publicly available data that in 2018 alone, more than $1.5 billion was lost through social engineering attacks and theft of cryptocurrency wallets.

Since 2017, about 5% of Bitcoin has been stolen through attacks on exchanges. Mt.Gox, Bitfinex – these are the exchanges to which cybercriminals stole $350 million and $72 million, respectively.

It is worth knowing that blockchain companies collect a lot of information about their customers. That’s another tasty morsel for hackers – talk about PII attacks and selling the data obtained on Dark Web forums.

Review 2021 – how many hacking attacks have occurred on blockchain?

Biggest cyberattacks on blockchain-related companies in 2021.

  1. PolyNetwork – DeFi’s financial project. It was hacked in August 2021. As a result, the company ended up with a $600-million loss. The theft surpassed the attack on Coincheck in 2018. Interestingly, more than 99% of the stolen funds were returned to the company. The hacker who committed the crime was subsequently asked to take a position as the company’s chief security advisor.
  2. Cream Finance. Another DeFi project, built on the blockchain. It was attacked as many as three times in 2021. The first hack cost the company $37 million. The second – $29 million. During the third attack, $130 million worth of cryptocurrencies were stolen from the company.
  3. Liquid. It is a Japanese cryptocurrency exchange platform. It suffered a loss of about $97 million. After the attack, Liquid suspended all deposit and withdrawal operations.
  4. bZx. Another DeFi platform. The hacker used phishing and stole private keys. He gained access to the developer’s wallet. Thus, he stole cryptocurrencies worth $55 million.

Summary 2022

The beginning of the year was not very kind to investors. Despite price declines, hackers and thieves did not take a break. According to Atlas VPN, hackers stole “only” $1.3 billion in the first quarter of 2022. They committed “only” 78 hacking attacks. Moreover, the hacks on Ethereum and Solana caused more than $1 billion in losses in the first quarter of the year….

Ethereum was attacked 18 times in 2022. Losses reached $636 million. The largest attack took place in March 2022, when hackers attacked Axie Infinity’s sidechain – Ronin Network. The theft totalled $610 million – 173,600 ETH and 25.5 million USDC.

Solana is not being left behind. Hackers attacked it five times. The losses totaled $397 million. The hacker took advantage of a signature verification flaw in the network and created Wormhole-wrapped Ether. Losses were estimated at $334 million.

Hackers also breached 14 projects in the Binance Smart Chain system. As a result, losses amounted to about $100 million. The QBridge deposit function was exploited and the Qubit protocol was attacked. The cybercriminal generated $80 million in xETH security.

Then – the attack on IRA Financial Trus. It cost the company $36 million.

The NFT market is also not coping with intrusions. In 2022, they were the most popular target for hackers. The attacks mainly occur on Discord, where hackers launch phishing attacks and steal users’ NFTs. In addition, many crooks launch NFT projects that end in rug pulls.

Summary

Over the past decade, hackers have had their little harvest. Cryptocurrency technology has grown tremendously. Unfortunately, there are still many companies that do not have adequate security measures in place and allow hackers to profit from their victims.

More than $12 billion in cryptocurrencies have been stolen in the past 11 years. The number of hacks on DeFi has also increased. In 2014, the amount of money lost due to hacking attacks reached $645 million. Worst of all – the amounts are not decreasing. Since then, they have been steadily increasing and in 2021 they approached the sum of $3.2 billion.