Articles by "Attack"
Showing posts with label Attack. Show all posts

di August 19, 2020 0

Ethereum Classic 51% Attack: Okex Crypto Exchange Suffers $5.6 Million Loss, Contemplates Delisting ETC


Cryptocurrency exchange Okex reveals it suffered the $5.6 million loss as a result of the double-spend carried out by the attacker(s) in Ethereum Classic 51% attack. Okex says it fully absorbed the loss as per its user-protection policy while insisting that the attack did not cause any loss to the platform’s users.

Also as part of its immediate responses to the attack, the OKEx team said the “exchange had suspended deposits and withdrawals of ETC to prevent further losses.”

A total of five accounts on the exchange had been used in the attack and now the Okex team says it has “suspended the five accounts to prevent further incidents.”

Immediately following the attack, ETC developers initially downplayed the event by characterizing it as an “accident.” At the time, the developers doubted if any major double-spend attacks had occurred.


However, an investigation by a blockchain analysis firm later revealed the “accident” was, in fact, a 51% attack, and that $5.6 million had been stolen. At the same time, reports linking Okex wallets to the incident also surfaced.

Responding to these reports in a blog, the Okex team clarifies that the “exchange was only involved in that the attacker(s) used the exchange to purchase and trade ETC.”

The Okex team also believes the exchange was targeted probably because it “provides excellent ETC liquidity, seeing some of the largest ETC transaction volumes in the industry.”

The blog report suggests that “the attacker(s) likely calculated that they would be able to relatively easily and promptly trade large amounts of ETC on OKEx.”

Regarding more steps it will take, the Okex team said:
“Additionally — given OKEx’s responsibility to protect users from similar incidents that threaten the security of their funds — the exchange will consider delisting ETC, pending the results of the Ethereum Classic community’s work to improve the security of its chain.”
However, the blog post does not give a specific time frame when the ETC community is expected to improve this.


Meanwhile, in his comments on the attack, Tim Ismilyaev, CEO and Founder at Mana Security, says such incidents are “common for less popular blockchains, ETC can’t fix it without significant amendments into their architecture.”

Ismilyaev also offers his view on why Okex still suffered the loss even after the ETC team had advised exchanges to halt deposits and withdrawals soon after the attack. Ismilyaev explains:

ETC’s advice was released after the attack occurred, so Okex couldn’t stop the withdrawal of stolen funds. Noteworthy, the attacker most likely knew how Okex risk management systems work. It allowed him to withdraw stolen funds without being detected. That’s why he deliberately traded assets only on OKEX rather than splitting funds across multiple exchanges to hedge the risks.


With one exchange, Kucoin having delisted ETC margin trading from its platform, the ETC team faces increased pressure to address the security challenges or face more delistings.
Read more »

di June 09, 2020 0

Maze Gang Steals Around 1.5TB Data From ST. Engineering Aerospace

The US subsidiary of ST Engineering Aerospace recently lost about 1.5TB of sensitive data from its own company and partners, by a ransomware attacker.

On June 06, The Straits Times quoted the Cyfirma investigation, a cybersecurity company, as saying that in March 2020, the Maze gang allegedly attacked ST Engineering Aerospace.

Contract Details Stolen

The report further explained that the criminals had stolen data that included details of company contracts with various organizations, governments and airlines around the world.

On March 03, ST Engineering Aerospace released an internal memo that included details of ransomware infections at VT San Antonio Aerospace.

According to the memo, initially, the attack was not carried out by McAfee nor by the defenders of the Widows. The company itself recognized the problem after learning that the file was renamed and the associated "DECRYPT-FILES.txt" was encrypted in the same folder.

Separate Aerospace Commercial Operations

The vice president at VT San Antonio Aerospace, ED Onwe, when discussing the issue of the ransomware attack, said that recently, they had investigated the problem and they found that the company had fallen victim to the ransomware attack. They have now decided to separate the US commercial operations from ST Engineering to a limited amount.

The vice president also announced that at present, their business is being operated in this country.

Cyfirma has confirmed that the attackers have stolen details of the company's contract with the Peruvian government and the Argentine government. They have even stolen data that contains information about contracts with NASA.

Recently, a threat analyst at Emisoft, Brett Callow, shared his views on this issue and has stated, "The Ransomware group often leaves a back room that, if not addressed, can provide continued access to the network and allow a second attack. This is one reason why we always recommend that companies rebuild their networks after an event and not just decrypt their data. "

Read more »

di January 27, 2020 0

Up until recently, a 51% attack on bitcoin was considered an impossibility. 


Increasingly, however, the attack, which involves a hacker gaining control of a majority of systems on bitcoin’s network and altering transactions on its blockchain, is becoming a plausible reality. The latest proof of this comes from bitcoin gold, a bitcoin fork which began trading on exchanges last year. According to a post on one of the cryptocurrency's forums, the hacker is targeting exchanges that trade bitcoin gold.

“We have been advising all exchanges to increase confirmations and carefully review large deposits,” Edward Iskra, BTG’s communications director, wrote. The hacker could attempt to double-spend stolen coins from an exchange by exchanging them into fiat currency or another crypto and using the same coins from his or her wallet to buy more crypto. The online publication Bitcoinist estimates that the hacker stole $18 million worth of bitcoin gold.

Not even the first 51% attack

Bitcoin gold is the latest crypto to suffer from a 51% attack. The Verge has reportedly suffered three 51% attacks this year. The latest one occurred yesterday. Last week, a hacker exploited a vulnerability that had caused the previous 51% attack to decamp with $35 million worth of its cryptocurrency.

According to recent research, the costs for hacking cryptocurrencies are declining. This is partly due to the increasing number of forks within cryptocurrencies. For example, according to a recent post on Medium an average of $70 million is required to cripple ethereum classic’s blockchain. That amount can easily be generated by using profits generated from mining ethereum, a cryptocurrency that uses the same algorithm. The same post estimated a cost of $200,000 to instigate a 51% attack on bitcoin gold.

But Iskra's post suggests that sustaining such an attack for a long period of time could turn out to be expensive for the hackers. "The cost of mounting an ongoing attack is high. Because the cost is high, the attacker can only profit if they can quickly get something of high value from a fake deposit. A party like an Exchange may accept large deposits automatically, allow the user to trade into a different coin quickly, and then withdraw automatically. This is why they are targeting Exchanges," he wrote.

A separate blogpost on BTG’s site outlined a series of steps that the cryptocurrency's developers intend to take in order to make it hack-proof. These include upgrading its network to an Equihash algorithm, which is a customized Proof of Work (PoW) algorithm that does not require as much processing power as the current algorithm. The cryptocurrency is also developing an ASIC-resistant network to ensure that only large machines do not dominate its network.

Investing in cryptocurrencies and Initial Coin Offerings ("ICOs") is highly risky and speculative, and this article is not a recommendation by Investopedia or the writer to invest in cryptocurrencies or ICOs. Since each individual's situation is unique, a qualified professional should always be consulted before making any financial decisions. Investopedia makes no representations or warranties as to the accuracy or timeliness of the information contained herein. As of the date this article was written, the author owns 0.01 bitcoin.

Read more »
Subscribe to: Posts (Atom)