As the crypto market grows, cryptocurrencies continue to be attacked by hackers. More and more cyber threats are testing one blockchain or another. One of them is Vector Attack 76.
What is Vector Attack 76?
Vector Attack 76 is a type of double-spend attack that exploits a small bug in the Bitcoin consensus system. As a result, an attacker can steal funds and cause damage to their victims.
Even advanced technologies, including blockchain, have attack vectors that cybercriminals can use to their advantage. In the cryptocurrency world, one of the least known of these attacks is Vector Attack 76.
With the advent of digital currencies and cryptocurrencies came a serious problem: double spending. In centralized digital currencies, this problem is easily solved because all control sits in one core. But in decentralized currencies like Bitcoin, the problem is much more serious. In fact, Bitcoin's design minimizes the problem of double spending. You can even say that it "removes" it, but due to the decentralized nature of the system, there will always be some point of failure that can be used to double-spend.
This is where Vector Attack 76 comes in. This attack allows an attacker to include a double-spend transaction in a single block and use it to their advantage. This is achieved by sending a self-created block to the network so that the block is confirmed as valid. Thus, an attacker can seize a certain amount of funds before the network realizes the problem. This attack was first described by the user vector76 on the Bitcointalk forum.
But to understand the nature of this attack, you need to understand more deeply how it works.
How does Vector Attack 76 work?
This attack is actually based on Finney's attack. Its main targets are exchanges or exchange offices, where attackers can buy and sell their cryptocurrencies and tokens without being quickly detected.
But how is this possible? Well, let’s take a closer look at the anatomy of this threat.
How is this attack performed?
Vector Attack 76 is executed when an unscrupulous miner who controls two full nodes connects one of them (node A) directly to the exchange service. The second full node (node B) is connected to other nodes in the blockchain network. To know which nodes to connect to, the miner must track the moment at which nodes transmit transactions and how they then propagate them to other nodes in the network. This way, the miner can find out which nodes are the first to relay transactions, and can connect both to the target service and to well-positioned nodes.
After establishing the necessary connections, the miner privately generates a valid block. At this point, a pair of transactions is created with different values: a high-value transaction and a low-value transaction. For example, the first transaction may be 25 BTC or more, and the second transaction may be just 0.1 BTC. The miner then withholds the mined block and assigns the high-value transaction, i.e. the 25 BTC transaction, to node A. This is the transaction that will be sent to make a deposit in the exchange service.
When a new block is announced on the network, the miner immediately passes the withheld block directly to the exchange service, along with the newly announced block. This is done in the hope that the other nodes will consider the miner's block valid and accept it as part of the main chain. The block will then be confirmed, and hence the 25 BTC transaction included in it will be confirmed.
As soon as the exchange service confirms the 25 BTC transaction, the attacker withdraws from the exchange the same amount of cryptocurrency that they deposited in the previous transaction (25 BTC). The attacker then sends the second transaction, the 0.1 BTC transaction, to the network from node B to create a fork that causes the network to reject and cancel the first transaction. If this fork survives, the first transaction with the 25 BTC deposit will be invalidated, but the withdrawal will already have been made. Thus, the attacker will succeed, and the exchange will lose 25 BTC.
Attack success rate
All these processes occur simultaneously, so it is very likely that the chain containing the 0.1 BTC transaction will be accepted as the main chain, and after a couple of blocks the 25 BTC deposit transaction becomes invalid. This is because node B, which transmits the 0.1 BTC transaction, is connected to well-located nodes that relay this transaction much faster across the network, while node A, which holds the 25 BTC deposit transaction, is directly connected only to the exchange service. Node A's transaction has to be retransmitted to other nodes, which makes its propagation much slower than node B's.
Given this, there is a high probability of success when performing this type of attack. Even so, it is not common, because the exchange must agree to withdraw funds after one confirmation, and the vast majority of exchanges usually require 2 to 6 confirmations.
However, companies offering digital goods or services can also fall victim to this type of attack.
All systems have vulnerabilities due to their infrastructure, but knowing these bugs and fixing them is important to improve security. Bitcoin is the best example of this. The Vector 76 attack is structural, but it is only possible if the network structure is not sufficiently extensive and decentralized.
How do I protect myself from the Vector 76 attack?
To protect yourself from such attacks, you should consider some recommendations:
- Use systems that do not accept single-confirmation transactions. Vector Attack 76 can only succeed where single-confirmation acceptance is possible. Instead, wait for at least 2 confirmations, or even 6, as is highly recommended.
- The node you are using should avoid enabling incoming connections or, failing that, allow incoming connections only from well-known computers. This prevents an attacker from feeding false information about the blockchain into your node.
- Outgoing node connections should also be monitored and allowed only to well-known nodes. This prevents your nodes from providing information about the state of the chain you are processing.
With these measures, you can easily protect yourself from this type of attack.
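The first recommendation can be checked with a small model of a deposit service. The following is an added example, not code from the original article or from any exchange; the class, function and transaction names are hypothetical and the chain data is constructed. It replays the scenario described above (a withheld block carrying the 25 BTC deposit, then a longer fork carrying the conflicting 0.1 BTC transaction) under different confirmation thresholds.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Block:
    name: str
    txids: frozenset

class DepositTracker:
    """Credits a deposit only once it is buried min_conf blocks deep."""

    def __init__(self, min_conf):
        self.min_conf = min_conf
        self.chain = []        # best chain as seen by the service's node
        self.credited = set()  # deposits already made withdrawable

    def confirmations(self, txid):
        # Depth counted from the tip; 0 means "not in the best chain".
        for depth, block in enumerate(reversed(self.chain), start=1):
            if txid in block.txids:
                return depth
        return 0

    def on_new_tip(self, chain, watched):
        """Re-evaluate every watched deposit each time the tip changes."""
        self.chain = list(chain)
        newly = {t for t in watched
                 if self.confirmations(t) >= self.min_conf} - self.credited
        self.credited |= newly
        orphaned = {t for t in self.credited if self.confirmations(t) == 0}
        return newly, orphaned

def replay_article_scenario(min_conf):
    """Return (credited_on_private_block, orphaned_after_fork)."""
    base = Block("base", frozenset())
    a1 = Block("A1", frozenset({"deposit-25btc"}))    # withheld block
    b1 = Block("B1", frozenset({"conflict-0.1btc"}))  # competing fork
    b2 = Block("B2", frozenset())
    tracker = DepositTracker(min_conf)
    watched = {"deposit-25btc"}
    credited, _ = tracker.on_new_tip([base, a1], watched)
    _, orphaned = tracker.on_new_tip([base, b1, b2], watched)
    return credited, orphaned

if __name__ == "__main__":
    for n in (1, 2, 6):
        print(n, replay_article_scenario(n))
```

With a threshold of 1 the deposit is credited and later orphaned, which is the exchange's loss in the article; with 2 or 6 it is never credited on the withheld block. The orphaned set is also what a service should alert on, since a credited deposit dropping to zero confirmations means a reorg has removed it.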
Crypto Security Forecasts for 2021
The crypto industry experienced its share of cyber attacks and security breaches in 2020. Hackers stole millions from crypto companies, such as the KuCoin exchange, while several DeFi (decentralized finance) platforms faced cybersecurity breaches. Cybersecurity and crypto industry experts predict that this year will see an increase in cyber attacks targeting DeFi platforms, individual users, and smart contracts. Meanwhile, increased institutional investment in cybersecurity will improve the standards and security measures at most exchanges.
DeFi – new target
Experts predict that attacks on crypto exchanges will remain stable or even decrease, especially among existing exchanges. Meanwhile, attacks on DeFi platforms and protocols will inevitably increase, and most hackers are targeting new platforms. Losses from hacks, thefts, and cryptocurrency scams decreased to $1.8 billion in the first 10 months of 2020, compared to 2019.
But in the DeFi sector, the number of attacks has increased. DeFi hacks accounted for 21% of the volume of thefts and hacks in 2020. DeFi accounted for almost 50% of all break-ins and thefts that occurred in the second half of 2020, amounting to $47.7 million, or 14% of the volume of break-ins.
Experts attribute the high volume of attacks on DeFi platforms to the hype surrounding the sector, which is similar to the ICO craze in 2017. The problem is that many DeFi founders launch their platforms too quickly without first completing the necessary smart contract security audits.
DeFi’s problems will only get worse in 2021, because decentralized finance is a major innovation that will grow significantly in the future. DeFi faces the challenges of growing too fast in an environment where there are only a few qualified smart contract authors and auditors, leading to quality assurance issues.
Another problem that will affect the DeFi platforms is the growth of attacks on smart contracts, which most DeFi platforms use in their activities. Developing smart contracts is similar to building hardware, and the software industry will need time to adapt to the new methodology.
The most vulnerable are startups rushing to capitalize on the DeFi boom. Companies with small teams cannot write secure smart contracts or create reliable decentralized exchanges. People will continue to invest in these systems, even if they have not passed sufficient security checks and peer review.
In contrast, the number of attacks on exchanges will continue to decline as firms compete to attract institutional and retail customers. Market pressure and increased regulatory requirements will reduce the vulnerability of exchanges. Governments around the world will push for rules similar to those of traditional payment institutions.
Cyber attacks will target users
The value of crypto assets has increased in recent years, allowing exchanges and players to invest in security. High prices will attract attackers to cryptocurrencies, exchanges, and holders, but increased regulation and institutionalization have significantly improved crypto-cybersecurity.
The consequence of these two developments is that cyber attacks will increasingly target owners and individual users. The main security concern will be to develop systems that are secure enough that users cannot disclose their assets. Most attacks will be carried out using social engineering and tricking users into installing vulnerable software. Experts point out that phishing scams will be the biggest security problem.
There is also a risk of investment fraud targeting the DeFi sector. Scammers will take advantage of cryptocurrency users' fear of missing out on an opportunity (FOMO) and the allure of getting rich quick to encourage them to join fraudulent investment platforms.
The problems will be compounded by the regulatory uncertainties associated with DeFi, which can increase the risk of hacking by reducing liability. There are many regulatory questions regarding DeFi protocols, such as whether they should be considered centralized finance (CeFi). Regulators need to address the question of who is held accountable for negligence, non-compliance, hacking, and money laundering.
The growing threat of cyber attacks will only increase the demand for cybersecurity services, as recent data predict that investment in this sector will reach $250 billion by 2023. Other factors include strict data protection requirements and the increased threat of cyberterrorism, which is projected to cause nearly $6 trillion in damage in 2021.
Blockchain will continue to be subject to cyber attacks and security breaches in 2021. Most attacks will target the fast-growing DeFi sector, which is still struggling with flawed systems and inadequate human capital. At the same time, the increased value of crypto assets will encourage attackers to target users using social engineering techniques. Meanwhile, tighter regulation will force companies to invest in cybersecurity and drive growth and innovation in the sector.