Can A Blockchain Network Be Hacked? Blockchain Permeable Or Impermeable

Blockchain entered the world of information technology with the slogan of impenetrability and thus succeeded in attracting the favorable opinion of many users and companies.

Important cryptocurrencies based on this technology were widely introduced into the business world, and in some industries the technology is even used to maintain supply chain security.

In the early days, when blockchain was unknown to most users, the technology seemed impenetrable, and most experts believed that it gave companies a powerful integrated security mechanism. However, various methods have now been identified which show that this network is not so impenetrable and that hackers can break it.

Gone are the days when everyone considered the blockchain network to be unhackable, and no security expert can say for sure that this technology forms a strong barrier against hackers. Every day, new security holes are detected in the cryptographic infrastructure and in smart contracts, some of them in the fundamental parts of the blockchain network, which has caused concern among people active in this field.

For the first time, in 2020, Coinbase security experts detected strange behavior in Ethereum Classic, one of the cryptocurrencies traded on the Coinbase exchange platform. Further investigation revealed that the Ethereum Classic blockchain, which keeps a history of all transactions, had come under a severe attack. In this attack, hackers managed to gain control of more than half of the network (51%) and used it to rewrite the transaction history, so that they were able to spend the same cryptocurrency several times.

Experts called the attack Double Spending.
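
What an exchange's monitoring sees when transaction history is rewritten, as an added example that is not code from the article or from Coinbase: the function compares two snapshots of a node's best chain and reports how many already accepted blocks were replaced. The block labels, deposit records and the six-block alert threshold are constructed assumptions.

```python
"""Detect chain reorganizations by comparing two snapshots of the best chain.

Added illustration; block labels and the alert threshold are constructed.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Reorg:
    fork_height: int      # last height on which both snapshots agree
    blocks_replaced: int  # previously accepted blocks that were orphaned
    blocks_added: int     # blocks on the branch that replaced them


def detect_reorg(old_chain, new_chain):
    """Chains are lists of block hashes indexed by height (index 0 = genesis).

    Returns None when new_chain only extends old_chain, otherwise a Reorg.
    """
    common = 0
    for old_hash, new_hash in zip(old_chain, new_chain):
        if old_hash != new_hash:
            break
        common += 1
    replaced = len(old_chain) - common
    if replaced == 0:
        return None  # normal growth: nothing already accepted was dropped
    return Reorg(common - 1, replaced, len(new_chain) - common)


def deposits_at_risk(reorg, deposits):
    """Deposits (txid -> confirming height) that sat in orphaned blocks."""
    return sorted(tx for tx, h in deposits.items() if h > reorg.fork_height)


def severity(reorg, alert_depth=6):
    """Short reorgs happen naturally in proof of work; deep ones need review."""
    if reorg is None:
        return "ok"
    return "alert" if reorg.blocks_replaced >= alert_depth else "routine"


# Constructed sample: a node's view before and after a competing branch wins.
BEFORE = ["g", "a1", "a2", "a3", "a4", "a5", "a6", "a7", "a8"]
AFTER = ["g", "a1", "b2", "b3", "b4", "b5", "b6", "b7", "b8", "b9"]
DEPOSITS = {"tx-early": 1, "tx-credited": 3, "tx-late": 8}

if __name__ == "__main__":
    found = detect_reorg(BEFORE, AFTER)
    print(found, severity(found), deposits_at_risk(found, DEPOSITS))
```

Deposits listed by deposits_at_risk() were confirmed only on the replaced branch, so they are the ones to re-check before crediting or releasing funds.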

In the attack on Ethereum Classic, hackers were able to gain access to $1.1 million worth of accounts and wallets. Coinbase, however, said that no cryptocurrency had been stolen from any wallet or account. In another example, the popular exchange Gate.io reported that nearly $200,000 of its customers' assets had been stolen in a hacker attack. Still, within days the hackers returned half of the stolen money to customers.

Sophisticated attacks aimed at controlling and accessing the communication chain

Almost a year before these malicious attacks were carried out, security experts had hypothesized that such attacks were possible. The concept was never proven, but it seems that the hypothesis alone was enough to give hackers serious clues.

An attack that gave hackers 51 percent control of Ethereum Classic is one of the most complex attacks on a blockchain network in recent years, and it shows that the network is vulnerable to security risks.

Since 2017, hackers have been able to steal nearly $2 billion in cryptocurrencies from exchanges, although this figure covers only the businesses that have officially released the news.

Cyberattacks are not carried out only by lone hackers; organized groups are also behind some of them. Research by Chainalysis shows that large-scale and complex attacks are carried out by organized groups that have the appropriate resources and infrastructure.

According to researchers, hackers are interested in blockchain because, unlike in traditional financial systems, fraudulent transactions are not easily traced. While blockchain has its own security capabilities, it also has vulnerabilities that differ from those of conventional infrastructure.

Therefore, experts no longer state explicitly that blockchain is an impenetrable technology. Over the past few years, various types of cryptocurrencies have been introduced, some of which were new, while others were derived from known ones. However, these digital currencies were subjected to various cyberattacks that, in all cases, revealed their underlying weaknesses.

A blockchain is an encrypted database maintained by a network of computers, each of which stores an up-to-date version of the database so that the copies stay consistent and the chain structure of the network is preserved.

In this architecture, the blockchain protocol is a set of rules that define how network nodes (computers) connect, perform new transactions, and add them to the database.

The protocol uses cryptographic algorithms and the basics of economics to give nodes an incentive to maintain network security: users who follow the rules receive appropriate rewards.

This system is completely secure only when all of these requirements are correctly in place. Adding a fake transaction to the network is then complicated and costly, because valid transactions are added to the network every second and leave hackers little opportunity. This minimizes the entry of fake transactions into the network.

Such capabilities make blockchain technology attractive to organizations, large industries, and supply chain companies.

Interestingly, central banks in some countries have used blockchain to a limited extent as a mechanism for national digital currencies. The biggest weakness of blockchain in the business of financial institutions is computational complexity.

Experience has shown that the more complex a blockchain system is, the greater the error rate when operating it. In 2020, the company behind the Zcash cryptocurrency announced that it had secretly detected a flaw in the cryptography that had accidentally been built into the protocol.

The vulnerability allowed hackers to create unlimited counterfeit Zcash. It is worth knowing that Zcash is a cryptocurrency that uses the most advanced mathematics and the most sophisticated technical infrastructure to keep its users' private transactions highly secure.

The protocol is not the only component that has to be secure. To trade cryptocurrency or set up a node on the network, the user must use client software, which may itself be vulnerable. By the summer of 2020, the developers of the Bitcoin Core client were able to fix, away from the media, a severe vulnerability that would have allowed hackers to mine more cryptocurrency than the system allows.

Before 2020, most cyberattacks targeted exchanges, because the websites they had built for conducting financial transactions had severe vulnerabilities.

What are the 51% rule and the 51% attack?

One of the new terms in the cybersecurity industry is the 51% attack. In the world of cryptocurrencies, the 51% rule states that if a person can take control of 51% of the network, he effectively owns it and can make fundamental changes to the network configuration. That is why hackers do their best to launch 51% attacks against cryptocurrencies.

The 51% attack is prevalent because blockchain networks approve transactions using the Proof of Work (PoW) protocol. In this process, called mining, nodes have to devote a significant portion of their computational power to prove that they are entitled to add new transaction information to the database. There is another crucial concept in this regard that you should be aware of.

That concept is the hard fork. In short, a hard fork is an updated version of the blockchain network software that is not compatible with the original blockchain protocol. It causes blocks that differ from those of the main network to be created, which results in two separate networks.

A hard fork creates new blocks and transactions according to its own rules of validity.

For example, Bitcoin Cash is a hard fork, a branched version of Bitcoin. As mentioned, according to the 51% rule, if a person can gain control of 51% of the blockchain network's mining power, he can deceive other users with a promise of payment and, once the conditions are met, create another version of the blockchain in which those users are never paid. This new version of the network is called a fork.

Those who control the majority of the mining power can establish the new fork as the valid version of the network and then spend the same cryptocurrency again, thus cheating.

However, this method of attacking and abusing the 51% rule is rare in large blockchains because it is costly. A study by Crypto51 shows that the cost of leasing the mining power needed to attack Bitcoin in 2019 is about $260,000 per hour. Based on these statistics, the more we move to less valuable cryptocurrencies, the faster the cost of attacking them decreases.

Of course, a sudden crash in cryptocurrency prices can encourage hackers to carry out this attack, because as cryptocurrencies depreciate, many miners turn off their mining devices, which effectively reduces network security.

In late 2019, hackers used 51% attacks against a series of small coins such as Verge, Monacoin, and Bitcoin Gold and were able to steal $20 million from users.

In the fall of that year, hackers were able to steal $100,000 worth of Vertcoin using the same attack. The attack on Ethereum Classic, which brought hackers $1 million in profits, was the first against a prominent blockchain cryptocurrency.

David Vorick, co-founder of the blockchain-based file storage platform Sia, believes that 51% attacks will continue and will be carried out more vigorously, so that exchanges will suffer heavy losses from double spending.

He believes that one of the issues that exacerbate these attacks is the emergence of marketplaces that allow hackers to lease the computing power needed to carry out the attack. “Exchange offices are being forced to adopt stricter policies and take more cautious steps in the field of cryptography they can support,” he said.

Smart Contract Technical Defect

Another major shortcoming that poses a serious challenge, after 51% attacks on blockchains, is the technical vulnerability of smart contracts. A team of researchers is currently investigating the implications of new security vulnerabilities identified in blockchains. The attack on Ethereum Classic can be a good starting point for a more detailed analysis of these vulnerabilities.

In its simplest definition, a smart contract is a computer program implemented on a blockchain network. It is used to automate the movement of cryptocurrencies based on predefined rules and conditions.

However, the applications of this technology are wide-ranging, and it can also be used to facilitate actual legal contracts or complex financial transactions. The main application of a smart contract is its ability to implement a voting mechanism through which all investors in a venture capital fund can make informed decisions about how the investments are spent.

Such a fund, known as the Decentralized Autonomous Organization (DAO), was launched in 2016 on the Ethereum blockchain.

However, after a short time, a hacker was able to steal more than $60 million of the fund's cryptocurrency assets. The hacker carried out the attack by exploiting an unforeseen technical vulnerability in the smart contract that governed the DAO.

In essence, this technical vulnerability allowed the hacker to keep requesting money from other accounts without the system registering that the money had already been paid out.
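
A Python model of the flaw just described beside its corrected form, as an added example (not the DAO's contract code): the vulnerable fund pays out before it records the payout, so a recipient that calls back in while being paid is paid again. All class and method names are hypothetical, and on_receive() stands in for the code a recipient runs when it is paid.

```python
"""Model of the DAO-style flaw: paying out before recording the payout.
Added illustration, not the DAO's contract code; all names are hypothetical."""


class VulnerableFund:
    def __init__(self):
        self.balances = {}  # account -> amount the fund owes it
        self.pool = 0       # funds actually held

    def deposit(self, account, amount):
        self.balances[account] = self.balances.get(account, 0) + amount
        self.pool += amount

    def _pay(self, account, amount):
        if amount > self.pool:
            raise RuntimeError("pool exhausted")
        self.pool -= amount
        account.on_receive(self, amount)  # the recipient's code runs here

    def withdraw(self, account):
        amount = self.balances.get(account, 0)
        if amount > 0:
            self._pay(account, amount)   # pays first ...
            self.balances[account] = 0   # ... records the payout too late


class HardenedFund(VulnerableFund):
    def withdraw(self, account):
        amount = self.balances.get(account, 0)
        if amount > 0:
            self.balances[account] = 0   # payout recorded before any payment
            self._pay(account, amount)


class ReenteringRecipient:
    """Test double that asks for another withdrawal while it is being paid."""
    def __init__(self, max_calls):
        self.received, self.calls_left = 0, max_calls

    def on_receive(self, fund, amount):
        self.received += amount
        if self.calls_left > 0:
            self.calls_left -= 1
            fund.withdraw(self)


def run(fund_cls, max_calls=3):
    """Returns (paid to tester, pool left, does the pool still match the books?)."""
    fund, tester = fund_cls(), ReenteringRecipient(max_calls)
    fund.deposit("other-investors", 90)
    fund.deposit(tester, 10)
    fund.withdraw(tester)
    return tester.received, fund.pool, fund.pool == sum(fund.balances.values())
```

The third value returned by run() is the invariant an auditor would check: the funds held must always equal the sum of what the books say is owed.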

In traditional software, bugs can be repaired by installing a patch, but in the blockchain world this is complicated because transactions on the blockchain are irreversible. “Using a smart contract is like sending a spacecraft into space, where there is no room for software error,” said Petar Tsankov, a researcher at ETH Zurich and co-founder of the smart contract security startup ChainSecurity.

Indeed, it is not possible to patch a smart contract, but some contracts can be upgraded by deploying additional smart contracts that interact with the previous contract. Developers can also build centralized kill switches into the network to stop all activity in the event of a hacker attack or intrusion. However, money stolen before the switch is activated cannot be recovered.

So the best way to get stolen assets back is to rewrite the network history and return the blockchain to its pre-attack state.

Therefore, a new fork of the blockchain must be created, and all active participants in the network must agree to use the new fork instead of the previous version.

This is the option the Ethereum developers chose. Most members of the network, though not all, migrated to the new blockchain, which kept the name Ethereum. Still, a small group of members decided to keep using the previous version, now known as Ethereum Classic. (The new version was called Ethereum, and the original version, built a few years ago, was renamed Ethereum Classic.)

Interestingly, in January 2019, ChainSecurity's security team managed to save Ethereum from a repeat of the DAO attack. Just one day before a major software update, the company warned senior Ethereum developers that an unintended consequence of the update would be to leave several contracts on the blockchain vulnerable to a DAO-style attack and to another cyberattack.

While hundreds of Ethereum smart contracts have similar vulnerabilities, a report released by blockchain startup AnChain.ai shows that tens of thousands of Ethereum smart contracts are exposed to various vulnerabilities.

Because blockchain source code is available on the network, hackers can quickly identify vulnerabilities. The bad news, unfortunately, is that blockchain vulnerabilities are very different from traditional security vulnerabilities.

How to prevent the successful implementation of the blockchain attack?

The startup AnChain.ai is one of the companies active in this field; it focuses on identifying and eliminating blockchain-related vulnerabilities. The startup uses machine learning to monitor transactions and detect suspicious behavior. The company's algorithms can scan smart contract code and detect known vulnerabilities.

Other companies, such as ChainSecurity, are also testing services based on the formal verification technique. The aim is to use mathematics to verify that a smart contract's code behaves as its developer expects.

The verification tools that some companies have used over the years have allowed smart contract developers to identify and address most of the vulnerabilities in the network.

While blockchain technology entered the world of technology with the slogan of impenetrability, it is still not immune to hacker attacks. It falls victim to hackers because of vulnerabilities or software flaws.

Thus, like other technologies, it has a gray area that companies and the media are reluctant to mention. Today, various blockchains have been introduced, each of which has improved our knowledge of how this technology works, but it is not a bad idea to weigh its security considerations before adopting or implementing it.