The characteristics that make blockchain secure are precisely those that can attract cybercriminals.
Some very specific cyber attacks are also linked to the use of blockchain. Below are a few examples:
A 51% attack occurs when a group controls more than half the computing power of the blockchain network. This allows them to modify transactions by altering the integrity of the distributed ledger. Although this attack is difficult to carry out for large-scale blockchains such as Bitcoin, it is still possible for smaller, less secure blockchains.
Smart contracts, which automate transactions on the blockchain, are vulnerable to coding errors that allow cybercriminals to exploit loopholes in order to siphon funds or change the terms of the contract. A famous example is the hacking of the DAO (Decentralized Autonomous Organization) in 2016, which led to the loss of 3.6 million ethers due to a flaw in the code.
Blockchain users are often the target of phishing attacks, in which hackers try to obtain their private keys. Unlike traditional bank transfers, blockchain transactions are irreversible, meaning that stolen funds cannot be recovered. This highlights a fundamental weakness of blockchain: responsibility lies entirely with the users.
The development of blockchain has indirectly contributed to the emergence of new hacking methods, improving criminal techniques for specific economic offences.
Cryptocurrencies make it easier for criminals to launder money by transferring funds anonymously and evading traditional financial regulation. Decentralised platforms, or exchanges, allow hackers to convert their illicit gains into legitimate currencies, making it difficult for the authorities to track transactions.
Ransomware is malicious software that encrypts the victim’s data and demands payment in cryptocurrency to unlock it. Blockchain offers a level of anonymity that facilitates this type of attack. Notable cases, such as the attacks targeting critical infrastructure in the US in 2021, show the scale of this threat.
Illicit marketplaces on the dark web often use blockchain to conduct cryptocurrency transactions, providing a secure environment for sellers and buyers of illegal items, such as drugs, weapons and hacking software.
Mt. Gox was one of the first high-profile cases of an attack involving blockchain. In 2014, this Bitcoin trading platform lost 850,000 bitcoins following a hack, which remains one of the largest in history. The lack of regulation and the vulnerability of the infrastructure allowed hackers to divert funds over a long period of time without being detected.
In August 2021, Poly Network was the victim of a $600 million hack due to a flaw in its smart contracts. Poly Network is a protocol for exchanging one cryptocurrency for another. Just before the attack, Poly Network had transferred around 1 billion in value. The hackers, having detected a weakness in the way the platform managed its cross-chain transactions, were able to transfer funds to addresses they controlled. The hacker returned the funds, the aim of this attack being precisely to demonstrate the vulnerabilities of the system and to warn of the need to improve it.
Although blockchain is very poorly regulated, a few initiatives are beginning to appear. As blockchain is a global technology, regulations need to be standardised and harmonised if they are to be effective. However, there are disparities between countries, particularly in terms of user protection and transaction transparency.
Exchange platforms are now subject to Know Your Customer (KYC) and Anti-Money Laundering (AML) obligations, to prevent criminals from using blockchain as a tool to hide their funds.
Regulatory authorities are beginning to monitor and block certain addresses associated with criminal activities. In 2020, the United States seized more than $1 billion worth of Bitcoin associated with the Silk Road black market.
In 2021 Microsoft published a research paper in which they wrote that they wanted to use the Ethereum blockchain to create a system to combat the sharing of illegal content on the internet; however, nothing seems to have been put in place yet and the paper describing the process is no longer available.
Other initiatives exist in two areas: content monitoring, and the hunt for cybercriminals.
In theory, if the internet were built on blockchain technology, it could become impossible or, at the very least, extremely difficult for pirates to illegally share media content and benefit from it. It would make it possible to store a large amount of information and, in particular, to trace the theoretical use of illegal content, as well as the device on which this content was used.
A South African company, CusosTech, has included a watermark that rewards with cryptocurrency any user who spots an illegal use of content protected by this watermark.
But such initiatives remain marginal and are rather unreliable for the moment.
Come back to read us in December; we will study a little-known phenomenon: piracy vulnerabilities in electric vehicles. In the meantime, if you have a film, series, software or e-book to protect, don’t hesitate to call on our services by contacting one of our account managers: PDN has been a pioneer in cybersecurity and anti-piracy for over ten years, and we’re bound to have a solution to help you. Happy reading and see you soon!
© 2023 PDN Cyber Security Consultant. All rights reserved.