Remember just few months back when bitcoin price skyrocketed and we saw many new BTC Millionaires. But many don’t talk about the type of bitcoin attacks or to say bitcoin scams that were going on at that time.
Many people think that people just got lucky with bitcoin but think about it for a minute.
Do you guys really think luck have a role to play here?
Many so called BTC Millionaires were using crypto signal groups to know the best prediction from experts. Many discord signals servers are used to make these kind of predictions.
Just Checkout this Post for Signal Guidance :
https://medium.com/@crpytomagic/which-are-the-best-crypto-signals-channels-in-2019-telegram-and-discord-325b7b2e9493
Anyway back to the main topic about type of bitcoin attacks.
Should you be worried about Bitcoin attacks?
I get asked about Bitcoin a lot – mining, usage, fundamental economic principles, basic technical details etc. I spend a lot of time telling people the things they need to know about Bitcoin to participate in this grand experiment of ours and almost as much time quieting unfounded fears. It seems at least once or twice per month the news is bubbling with the story of one Bitcoin business or another being hacked, turning out to be a Ponzi scheme or just going under for good old-fashioned bad business practices. The scariest to most are the hacks since they seem to come from nowhere and play to an unfortunate fear that many have: the fear that there is someone out there clever enough to magically make all their digital assets vanish without a trace. But is such a thing really feasible? This article will examine a few of the more common attack mechanisms in the Bitcoin world today and how worried you should actually be.
Bitcoin Attacks #1 : The 51% Attack
What is it?
The 51% attack is perhaps the best-known of Bitcoin’s security vulnerabilities and it’s been on our collective radar since day 1. Bitcoin stores its transaction information in database chunks that are collectively referred to as the “blockchain.” As new transactions occur, they go into a new block on the end of the chain. While most of the time, the chain remains one straight line of blocks, on occasion a “fork” happens – two conflicting blocks appear and the network has to decide which one is valid. Each miner votes by continuing to tack new blocks onto the end of whichever block they think is valid – eventually the longest chain wins.
This also means that if I’m clever I can intentionally create two conflicting transactions, one in which I send money to a merchant and one in which I’m sending that same money to an address that I control. If I control more than half of the network’s processing power then I can decide which block ultimately gets accepted as true. Of course the longer back in time I go when creating these conflicting blocks, the more blocks I have to add to the end of my fraudulent chain before anyone accepts it as valid, so I’m pretty limited in how far back I can revise history and the further back I go, the more it costs me. This is the primary reasoning behind transactions not being considered complete until they’ve got 6+ confirmations.
Should I be worried?
For brevity’s sake: no, not really. The 51% attack is perhaps one of the most talked kind of attack in Bitcoin zone. Everyone is watching for it, and people anchored in the crypto-space are aware about how it’s supposed to work. Lucky for us, nobody should even think about such an attack since the “fix” is already built into the client by waiting for the 6 confirmations. Realistically, worrying about the 51% attack is a good indicator of high paranoia levels since it’s very expensive to actually use it. You will need all the computers in the world combined to perform that – especially once some of those fancy new ASIC products start coming online.
Bitcoin Attacks #2 : The Finney or “Block Withholding” Attack
What is it?
When a transaction is performed on the Bitcoin network, the clients involved broadcast that transaction to everyone. This means that both parties are aware of the transaction immediately, as are all of the miners who are working to put that transaction into a block. Technically speaking, though, that confirmation is just a nicety – your transaction hasn’t actually occurred until it’s in a block. So what if some miner spits out a block that intentionally holds a conflicting transaction that wasn’t announced to the network? The Finney attack involves a fraudulent miner working on a block that contains a transaction where I’ve sent coins to myself. When I find that block, I go out and send those coins to someone else, then immediately release the block. Because you can’t spend the same money twice and the Bitcoin network saw my fraudulent block first, the legitimate transaction I made with you is rejected and never finds its way into a block.
Should I be worried?
Again, probably not. You need to be a pretty big-time miner to get enough opportunities at a Finney attack to make it worthwhile. Even with the right equipment, you need to have perfect timing since while you’re sitting on that fraudulent block the rest of the network is still looking for its own solution. You have to make your transaction, walk away with the goods and release your block before anyone else beats you to the punch otherwise you have legitimately spent funds and your attack is no good. Again, the fix is built into the protocol – just wait for confirmations.
Bitcoin Attacks #3 : The Race Attack
What is it?
To be fair, I’m not sure this one has an official name yet, but given that two of the three names on the paper originally describing the attack are Swiss, I’m calling it the Swiss Attack.To be fair, I’m not sure this one has an official name yet, but given that two of the three names on the paper originally describing the attack are Swiss, I’m calling it the Swiss Attack. However I see multiple sources calling it the “Race Attack.”
It basically amounts to controlling your level of connectivity to certain targets and exploiting the behavior of the Bitcoin client. See, before your client gets confirmations (blocks) if it’s sent two conflicting transactions it does two things wrong: first, it doesn’t inform you of the conflict and second, it automatically considers whichever transaction it got first to be valid. So in this case, the attack is easy: release two conflicting transactions into the network: one directly to the merchant and then one to several hundred other users simultaneously. With such a big head start, most of the network will see your fraudulent transaction first so it has a much better chance of getting into a block than the one the merchant sees.
Should I be worried?
A little bit, actually. While this one can still be fixed by just waiting for transactions like the others, this one doesn’t require any exceptionally exotic setup by the scammer – they don’t need high-end mining equipment, they don’t have to know how to modify mining software to include an un-released transaction, etc. All they really need is access to a lot of computers at once – and what scammer can’t get their hands on a botnet these days? It’s worth noting that simply checking unconfirmed transactions with a trusted third party goes a long way toward fixing this.
Bitcoin Attacks #4 : Key Guessing / Collision Attacks
What is it?
Bitcoin is built around some really strong encryption and signing technologies. In really basic terms, your whole account boils down to a couple of really long random-looking numbers that happen to be mathematically related in a difficult-to-guess way. If someone can guess one of those numbers – called the “private key” – correctly then they can gain access to your account and spend the funds it contains. Scary, right?
Should I be worried?
No. Not at all. Not even a little. Don’t lose any sleep over this – I mean it, none. The only way someone is guessing your private key is if you used a brain wallet and your password was “password” but if you’re clever enough to be making and using brain wallets I sincerely doubt you’re a member of the target audience for this particular post. Actually, it seems to come up every month or two on bitcointalk forum, discord signals servers or any other place where newbie Bitcoiners congregate. Someone finds out that there are a finite number of Bitcoin addresses that can exist, that the addresses are chosen randomly and that there are no safeguards in place to stop someone from randomly generating the same address as someone else and steal all of the coins at that address.
All of the above is true, of course, and it is technically possible to steal someone’s address and run away with their coins, but only in the same sense that it’s possible for one person to get hit by lighting 7 times and survive. Now I hear some of you saying “hey that guy up there got struck 7 times” – yeah, and that’s happened once to one person ever. Not to mention, we’re talking about the relative probability of finding a single address in a year’s worth of full-time mining. A single address worth, on average, $50. So there you go, if you’re the luckiest person who has ever lived, you can theoretically earn a maximum of $50 per year stealing wallets – I’m guessing the electricity to run the equipment will cost more.
How Bitcoin Prevent Collision Attacks
Bitcoin uses the same sorts of encryption and intractable math problems for its security as most encryption elsewhere in the world. The key space and manner of generation is also similar to many other common encryption-based systems. If Bitcoin were easily compromised because this addressing scheme were a “flaw” or “bug” then so would every single encryption technology you use today. That would mean that your bank account, personal computer, credentials for every web site, cellular communications – basically every device that you assume is hard to eavesdrop on would in fact be dead simple to snoop. An cryptological failure large enough to take down Bitcoin would take down the rest of the world economy and communications infrastructure with it, so personally I wouldn’t be worried about Bitcoin at that point.
Bitcoin Attacks #5 : Non-Bitcoin / Infrastructure Attacks
What is it?
This category encompasses the really dangerous stuff. Notice how with the exception of the one attack I told you not to lose any sleep over all of the other attacks are nullified by simply waiting for confirmations? That’s because Bitcoin is designed to be completely secure as long as you wait for confirmations and no one has broken Bitcoin itself. But there are all kind of hacks on the news, right? Well, these are them. The fact is, the majority of Bitcoin-related hacks happened the same way all hacks happen – inside jobs, incompetence and accidents. More than once Bitcoins have been stolen, not because Bitcoin itself was insecure, but because someone’s web hosting company let someone smooth-talk them into resetting a password. There are certainly ways to safeguard against this sort of thing and the best most reputable companies typically do, but failures do happen.
Should I be worried?
Well the answer is almost certainly “yes” but the real question should be “what can I do about it?” – and (unless you operate a Bitcoin business) chances are your personal answer is “nothing.” We can all do our best to deal only with reputable companies, but MtGox and Bitcoinica were both pretty reputable and they got nailed by these kind of attacks. They were hardly the first and it’s doubtful they’ll be the last.
Bitcoin Attacks #6 : Non-Technical Attacks / Scams
What is it?
Technically not an attack at all, but they’re so commonplace these days that I felt they needed an honorable mention. These are the kinds of things that snake-oil salesmen have been peddling practically since money was invented. They all sound too good to be true and indeed they all are.
Should I be worried?
A big part of me wants to shout “Of course not, just use your brain!” every time I see one of these – but that’s hardly fair. The best of us can be taken in by sweet talk from time to time and it’s not fair to further victimize those taken in by labeling them fools. Still, you already have all the tools you need to detect and avoid these: if it sounds too good to be true, just walk away. Earning 7% per year on an investment is good, earning 7% per WEEK is absurd.
Far more likely, folks losing their coins are either sending coins to bad people or getting their wallet.dat file and password stolen via the same mechanisms the unscrupulous have always used to run away with your digital property. To that end, such a “bug” is unlikely to be “fixed” since nothing is really broken. Far better, it would seem, for the developers to spend their time finding ways to prevent the more likely mechanisms of theft.
Leave a Reply