5 Types of Attacks on Blockchain and Their Best Prevention: Part 1 of 2
Blockchain technology which was earlier thought to be intrinsically secured turns out to be equally vulnerable to attacks and exploits by malicious people. The most common are attacks such as 51%, DDoS, Phishing, Routing, and Endpoint Vulnerabilities. Let’s explore them in detail.
51% Attacks
Validators are an important part of blockchain They validate transactions and are responsible for adding new blocks to the chain. These validators/miners operate through nodes in any blockchain. Blockchains operate through a consensus algorithm where all transactions are verified by a majority of validators to be able to add to the system. There are either open systems where anyone with computational power can become a validator like Proof-of-Work systems or certain systems where you have to pledge certain numbers of tokens to become a validator like in Proof-of-Stake. To acquire control over the system hackers try to acquire 51% of the computational power of the system.
The $600 Million+ attack on Axie infinity’s Ronin Bridge by the North Korean Lazarus Group was such an example where they acquired control over 5 out of 9 validator nodes.
To prevent these kinds of attacks, the number of nodes should be increased along with the net computational power of the system.
DDoS Attacks
Distributed Denial of Service attack is done through a network of digital robots. These networks are called Botnets. In such attacks, these botnets send a very high number of data requests to your website or platform and try to overwhelm its capacity. Since each not is very much identical to a genuine computer connected to the internet, they are much harder to detect. The target of each attack is different. Some try to ask for ransom while others intend to crash your website and use phishing websites to route your customers.
Recently Cloudflare saved a crypto platform from a record 15 Million requests per second DDoS attack.
To prevent such attacks, you need to use a web security tool like Cludlflare that automatically responds to the attack through its algorithm.
Phishing Attacks
In simple terms, phishing is the creation of a similar website or platform, identically original in terms of appearance and very close to the original web address. These websites target users who are not well versed in web security and best practices. Since a majority of users of any platform fall into this category, they are very easy to target. Further, in our fast-paced lives, it becomes difficult to identify small irregularities that could help us identify fake websites.
A recent incident of Phishing was discovered on the popular blockchain explorer website Etherescan. The ads on the website were redirecting users to a website that asked them to do swaps through DEXs on a lucrative offer.
To prevent such attacks:
- Always look for HTTPS
- Always check the padlock symbol
- Remember the web addresses of important websites such as Crypto Exchanges, Banks, etc
- Do not do financial transactions on websites through ads
We will be back soon with the next part of this article, till then stay tuned.