A BRIEF HISTORY OF BITCOIN HACKS - BLOCKCHAIN101
The most memorable of these hacking incidents is undoubtedly the 2016 attack on The DAO on Ethereum, in which the hacker used a contract vulnerability to transfer more than 3.6 million ETH from the main contract to a child DAO within just two days. The attack used a recursive splitting method, and the collected coins were eventually transferred away.
The 3.6 million ETH stolen in this far-reaching incident was worth over 60 million dollars at the time. Calculated at ETH's all-time high price, 3.6 million ETH would be worth close to 17.5 billion dollars.
Suspects in this incident, which had the potential to change the course of Ethereum's development, were first identified only in 2022, and to this day there is no concrete evidence to establish the truth.
When we look back at this hacking incident in the world of cryptocurrencies, we find that this attack not only toppled The DAO, but also had another, even worse "side effect": many people began to doubt whether decentralized autonomous organizations were just a pipe dream and whether "Code is Law" was just a castle in the air.
Of course, ignorance of technology is neither good nor evil, and hacking incidents in the blockchain world have never ceased. Which is the main focus of hackers' attention: exchanges, wallets, public chains, ecosystem DApps, DeFi projects...?
Let us go through the history of hacking attacks in the blockchain field year by year.
·2010· Value Overflow Incident
In August 2010, a developer named Jeff Garzik noticed a block that created 92 billion BTC, far exceeding the supply limit of 21 million. Essentially, the code that checked Bitcoin transactions failed when the outputs were so large that adding them up overflowed. Hackers exploited this to create the block and added two transactions of 92 billion BTC each. Within 5 hours of the incident, Satoshi Nakamoto released version 0.3.10, and the updated client began to replace the flawed block with valid ones, an early example of a cryptocurrency "hard fork." Version 0.3.10 has been in use ever since, and the 184 billion "Bitcoins" on the old chain have become worthless. This is one of the few cases where hackers directly attacked blockchain technology.
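A minimal C model of the overflow described above, added here as an illustration and not taken from Bitcoin's source: `check_flawed` trusts a 64-bit total that has wrapped, while `check_hardened` range-checks every value and every running total. The function names, `COIN` (10^8 base units per coin) and the sample values are assumptions made for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define COIN      INT64_C(100000000)           /* assumed: base units per coin */
#define MAX_MONEY (INT64_C(21000000) * COIN)   /* the 21 million supply limit */

/* Wrapping add in unsigned arithmetic (signed overflow is undefined in C). */
static int64_t wrap_add(int64_t a, int64_t b) {
    return (int64_t)((uint64_t)a + (uint64_t)b);
}

/* Flawed: rejects negative outputs, then trusts the (wrapped) total. */
bool check_flawed(int64_t in_value, const int64_t *out, size_t n) {
    int64_t sum = 0;
    for (size_t i = 0; i < n; i++) {
        if (out[i] < 0) return false;
        sum = wrap_add(sum, out[i]);
    }
    return sum <= in_value;
}

static bool money_range(int64_t v) { return v >= 0 && v <= MAX_MONEY; }

/* Hardened: every value and every running total must lie in [0, MAX_MONEY]. */
bool check_hardened(int64_t in_value, const int64_t *out, size_t n) {
    int64_t sum = 0;
    if (!money_range(in_value)) return false;
    for (size_t i = 0; i < n; i++) {
        if (!money_range(out[i])) return false;
        sum += out[i];              /* safe: both operands are <= MAX_MONEY */
        if (!money_range(sum)) return false;
    }
    return sum <= in_value;
}

/* Constructed samples: two outputs of about 92 billion coins each, and an
 * ordinary spend of a 0.5-coin input. */
static const int64_t HUGE_OUT[2] = { INT64_MAX - 500000, INT64_MAX - 500000 };
static const int64_t SANE_OUT[2] = { 30000000, 19000000 };

int64_t huge_wrapped_sum(void) { return wrap_add(HUGE_OUT[0], HUGE_OUT[1]); }

int main(void) {
    printf("wrapped sum: %lld\n", (long long)huge_wrapped_sum());
    printf("huge: flawed=%d hardened=%d\n", check_flawed(50000000, HUGE_OUT, 2), check_hardened(50000000, HUGE_OUT, 2));
    printf("sane: flawed=%d hardened=%d\n", check_flawed(50000000, SANE_OUT, 2), check_hardened(50000000, SANE_OUT, 2));
    return 0;
}
```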
·2011· AllinVain Theft Incident
A hacker broke into the hard drive of a miner with the username AllinVain and stole 25,000 BTC. Although the stolen funds were digital currency, this act was similar to stealing bank account funds from a personal computer. This was the first reported cryptocurrency theft case, and it had a significant impact at the time.
·2012· Bitcoinica
Bitcoinica was a well-established exchange that suffered two hacker attacks in 2012. Hackers exploited its lax server security to obtain customer data (including keys), stealing a total of 61,000 BTC, which ultimately led to Bitcoinica's bankruptcy.
·2012· Bitfloor
As with the Bitcoinica theft, hackers broke into Bitfloor's server and stole 24,000 BTC. Bitfloor never recovered and shut down in April of the following year.
·2014· Poloniex
In March 2014, the server of the newly established Poloniex exchange was breached just two months after its founding. A hacker discovered a vulnerability in Poloniex's withdrawal system, which allowed negative balances to occur when multiple requests were received simultaneously. The withdrawal system shut down access to affected accounts after noticing abnormal activity, but not before 12.3% of Poloniex's total cryptocurrency reserves were stolen. Poloniex temporarily deducted 12.3% from each account's balance, with plans to fully restore them later. Poloniex eventually survived and was acquired in 2018.
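The negative-balance condition described above, replayed deterministically in C as an added example (not Poloniex code): two requests are checked against the same balance before either debit lands, and the hardened variant only applies a debit if the balance is unchanged since the check. All names and amounts are constructed, and the compare-and-swap stands in for whatever atomic primitive a real backend offers, such as a row lock or a conditional update.

```c
#include <stdatomic.h>
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Flawed flow: the balance check and the debit are separate steps. */
static bool validate(int64_t balance, int64_t amount) {
    return amount > 0 && balance >= amount;
}

/* Replays two simultaneous requests: both are validated against the same
 * balance before either debit lands. Returns the final balance. */
int64_t replay_flawed(int64_t start, int64_t req_a, int64_t req_b) {
    int64_t balance = start;
    bool ok_a = validate(balance, req_a);
    bool ok_b = validate(balance, req_b);   /* still sees the old balance */
    if (ok_a) balance -= req_a;
    if (ok_b) balance -= req_b;
    return balance;
}

/* Hardened: the debit only lands if the balance still equals the value the
 * check was made against (compare-and-swap). On failure *seen is refreshed. */
static bool debit_if_unchanged(_Atomic int64_t *balance, int64_t *seen, int64_t amount) {
    if (amount <= 0 || *seen < amount) return false;
    return atomic_compare_exchange_strong(balance, seen, *seen - amount);
}

/* Same interleaving as above; the second request retries until it is either
 * applied or rejected against a current balance. */
int64_t replay_hardened(int64_t start, int64_t req_a, int64_t req_b, int *applied) {
    _Atomic int64_t balance;
    atomic_init(&balance, start);
    int64_t seen_a = atomic_load(&balance), seen_b = seen_a;  /* both read first */
    bool ok_a = debit_if_unchanged(&balance, &seen_a, req_a);
    bool ok_b = debit_if_unchanged(&balance, &seen_b, req_b); /* stale read: fails */
    while (!ok_b && req_b > 0 && seen_b >= req_b)             /* retry on fresh value */
        ok_b = debit_if_unchanged(&balance, &seen_b, req_b);
    *applied = (int)ok_a + (int)ok_b;
    return atomic_load(&balance);
}

int main(void) {
    int applied;  /* constructed scenario: balance 100, two requests of 80 */
    int64_t left = replay_hardened(100, 80, 80, &applied);
    printf("flawed balance: %lld\n", (long long)replay_flawed(100, 80, 80));
    printf("hardened balance: %lld (%d applied)\n", (long long)left, applied);
    return 0;
}
```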
·2014· MtGox
MtGox, the largest established exchange at the time, also suffered the most severe hacker attack.
MtGox was initially a trading card website created by programmer Jed McCaleb. In July 2010, he read an article about Bitcoin, modified the website code for Bitcoin trading, and sold the website to Mark Karpeles in 2011. By 2014, MtGox handled 70% of global Bitcoin transactions.
On February 7, 2014, MtGox announced a trading suspension, citing vulnerabilities in its security software. Two weeks later, the site suddenly disappeared, and MtGox filed for bankruptcy. The total loss amounted to 850,000 BTC, valued at $470 million at the time. This issue undermined investor confidence, causing Bitcoin to plummet by 36%.
Many people suspected that Karpeles embezzled the funds, and he was arrested in 2015 on charges of fraud, misappropriation of funds, and manipulation of user balances, but this could not directly prove his involvement in the exchange theft. In 2017, U.S. authorities arrested Russian national Alexander Vinnik in Greece; a wallet he controlled contained stolen Bitcoins not only from MtGox but also from Bitcoinica and Bitfloor.
·2015· Bitstamp
Multiple hacking incidents led exchanges to increase their vigilance, beginning to store coins in two types of wallets. One is a cold wallet, which is a server not connected to the internet, essentially achieving air-gapping by blocking external network access. The other is a hot wallet, providing users with sufficient cryptocurrency for daily transactions. In January 2015, hackers stole 19,000 BTC from Bitstamp's hot wallet using phishing techniques. Fortunately, Bitstamp stored 90% of its cryptocurrency in cold wallets, narrowly escaping disaster.
·2016· THE DAO
Let's briefly review The DAO incident mentioned at the beginning.
Ethereum-based cryptocurrencies operate differently from Bitcoin, and have also proven more susceptible to hacking. Ethereum's environment differs from that of other cryptocurrencies: ETH is traded through "smart contract" code, which runs when predetermined conditions are met. Because smart contracts run on a blockchain network consisting of 6,000 computers, they are not subject to modification or censorship. Ethereum's architecture supports Decentralized Autonomous Organizations (DAO), in which rules and decisions are written into the blockchain in code form, allowing smart contracts to operate without human supervision.
In April 2016, Genesis DAO created a community where investors could vote on projects, and projects receiving more than 20% support would be funded. The DAO raised $250 million on Ethereum. By June, hackers discovered a vulnerability that allowed multiple withdrawals of the same token at a rate faster than the smart contract code update. Within a few hours, 30% of the ETH in the DAO was transferred out. After the theft was made public, Genesis DAO implemented a hard fork, creating a new chain. However, this fork was opposed by some members of the Ethereum community who believed that tampering with timestamps would damage the value of other ETH holders. The Ethereum community then voted, with 89% of people agreeing to accept the new block. Opponents separated from the community, insisting that the original chain was "Ethereum Classic."
This was a real blockchain attack. At current prices, the stolen 3.6 million coins, if considered ETC, are worth more than $40 million; if considered peak ETH, their value is close to $17.5 billion.
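The recursive-withdrawal pattern behind this incident, modelled in plain C as an added example (it is not The DAO's contract code): a vault that runs the payee's code before clearing the payee's credit can be re-entered, while clearing the credit first (the checks-effects-interactions ordering) stops the second call. The `vault`, `payee` and `simulate` names and all amounts are constructed for the illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

typedef struct vault vault_t;
/* Code supplied by the payee; the vault runs it while paying out. */
typedef void (*receive_fn)(vault_t *v, int64_t amount, void *ctx);

struct vault {
    int64_t pool;         /* funds held for every depositor */
    int64_t credit;       /* what this one depositor is owed */
    bool update_first;    /* true = hardened ordering */
};

bool withdraw(vault_t *v, receive_fn on_receive, void *ctx) {
    int64_t amount = v->credit;
    if (amount <= 0 || v->pool < amount) return false;
    if (v->update_first) v->credit = 0;   /* effect before the external call */
    v->pool -= amount;
    on_receive(v, amount, ctx);           /* external call: may re-enter */
    if (!v->update_first) v->credit = 0;  /* flawed: bookkeeping comes too late */
    return true;
}

/* Test payee that calls back into withdraw() a bounded number of times. */
typedef struct { int reentries_left; int64_t received; } payee_t;

static void reentrant_payee(vault_t *v, int64_t amount, void *ctx) {
    payee_t *p = ctx;
    p->received += amount;
    if (p->reentries_left-- > 0) withdraw(v, reentrant_payee, p);
}

/* Constructed scenario: pool of 1000, payee owed 100, payee re-enters
 * `reentries` times. Returns the total the payee was actually paid. */
int64_t simulate(bool update_first, int reentries) {
    vault_t v = { .pool = 1000, .credit = 100, .update_first = update_first };
    payee_t p = { .reentries_left = reentries, .received = 0 };
    withdraw(&v, reentrant_payee, &p);
    return p.received;
}

int main(void) {
    printf("flawed ordering, 3 re-entries:   paid %lld\n", (long long)simulate(false, 3));
    printf("hardened ordering, 3 re-entries: paid %lld\n", (long long)simulate(true, 3));
    return 0;
}
```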
·2016· Bitfinex
This is the second-largest exchange hack after MtGox's hot wallet was stolen. Ironically, a security upgrade designed to increase security had a flaw that was exploited by hackers. Bitfinex used BitGo software to set up a multi-signature system to authorize transactions. It is still unclear how hackers easily bypassed the multi-key requirement, but the most widely accepted assumption is that the system was improperly installed on Bitfinex servers. Hackers stole 120,000 BTC, worth $72 million at the time.
·2017· Parity
Ethereum was also affected by multi-signature system vulnerabilities. On July 17, 2017, an attacker targeted multi-signature wallet provider Parity, aiming at three companies that had recently completed ICOs. The hacker stole a total of 152,037 Bitcoins, worth $32 million. Parity attributed the attack to a vulnerability in the smart contract code in the Parity wallet version and released a patch on July 20.
Unfortunately, the patch that fixed the smart contract issue introduced another security vulnerability. Parity added a "kill" function to its smart contract code, which allows users to permanently lock Parity wallets. The developers did not update this code in all user wallets but chose to call functions from a centralized library (contract library). On November 6, a programming novice with the username "devops199" accidentally locked the library, and all wallets connected to the library were also locked. A total of 587 wallets were affected, containing 513,774 ETH, valued at approximately $150 million.
This was not a crime or malicious act, but it posed a significant question for Ethereum: should a hard fork be executed again to restore the 587 locked wallets? In April, Parity initiated a vote in the Ethereum community, and the hard fork was rejected with 55% of the votes against. As a result, 513,774 ETH were permanently sealed.
·2017· NiceHash
NiceHash, a Slovenian-based mining company, was hacked. Cybercriminals successfully used phishing to steal an employee's credentials, making away with 4,700 BTC valued at $80 million.
·2018· Hacking Incidents Overview
1. In January, Japanese cryptocurrency exchange Coincheck was hacked, resulting in the illegal transfer of more than $534 million worth of NEM on the platform.
2. On February 11, Italian cryptocurrency exchange BitGrail was hacked, and approximately $170 million worth of NANO was stolen.
3. On April 22, a significant vulnerability was discovered in BeautyChain's smart contract. Hackers exploited this vulnerability to generate unlimited tokens, causing the value of BEC to plummet.
4. On April 25, SmartMesh announced a suspected major security vulnerability and suspended all SMT trading and transfers until further notice, resulting in a loss of around $140 million.
5. On July 10, Israeli cryptocurrency exchange Bancor was hacked, with more than $2.35 billion worth of ETH, NPXS, and BNT illegally transferred from the platform.
6. On July 25, the EOS Fomo 3D werewolf game contract suffered an overflow attack, with 60,686 EOS stolen from the reward pool, causing some rewards not to be distributed according to the game rules. The EOS Core Arbitration Forum (ECAF) issued an arbitration ruling against the hacker and froze the hacker's EOS account: eosfomoplay1.
7. On September 20, Japanese cryptocurrency exchange Zaif was hacked, resulting in a loss of 6.7 billion yen (approximately $60 million in cryptocurrency), including 5,966 Bitcoins. According to CNN, the stolen funds included $40 million in customer funds and $20 million belonging to the exchange.
8. On December 3, the EOS Dice3D hack resulted in a loss of 10,569 EOS. The hackers transferred the stolen EOS to Huobi, and Dice3D officials decided to compensate players with some EOS at their own expense.
·2019· Hacker Events Summary
1. On February 22, EOS42 was hacked. The hacker exploited a vulnerability in EOS nodes that had not updated their blacklist, causing EOS42 to lose 2 million EOS. After this security incident, the EOS community began to take preventive measures to keep similar situations from happening again.
2. On March 30, the South Korean cryptocurrency exchange Bithumb was hacked, resulting in more than 3 million EOS (approximately $12.7 million) and 20 million XRP (approximately $6.2 million) being stolen.
3. On May 8, the world's largest cryptocurrency exchange Binance announced that it had been hacked, with a total of 7,000 bitcoins stolen, causing an estimated loss of over $40 million.
4. On July 12, the Japanese Financial Services Agency-certified cryptocurrency exchange BitPoint was hacked, with thousands of bitcoins and various cryptocurrencies stolen, for a total loss of 3.5 billion yen. BitPoint's Taiwan branch also suspended its services from July 23, preventing users from trading cryptocurrencies or withdrawing funds from their accounts.
·2021· White Hat Hacker Incident
According to incomplete statistics from SlowMist Hacked, there were frequent security incidents in the blockchain world in 2021. The number, danger, amount involved, and impact of these incidents far exceeded those of previous years, including the rare appearance of a white hat hacker incident, which sounded the security alarm for people.
In August 2021, an anonymous hacker attacked the heterogeneous cross-chain protocol Poly Network and quietly transferred $250 million, $270 million, and $85 million in cryptocurrency assets on the Ethereum, Binance Smart Chain (BSC), and Polygon (an Ethereum sidechain) blockchains, respectively. The total amount reached $610 million, and the entire process took 34 minutes.
At $610 million, this is not only the largest hacking incident in DeFi history but also the largest in the entire history of cryptocurrency (the figure of nearly $1.75 billion for The DAO incident is calculated at peak value; its value at the time was $60 million). It surpassed the famous Mt.Gox incident (744,408 BTC, about $400 million at the time) and the Coincheck case (523 million XEM, about $534 million at the time).
However, as various parties began to close in, the hacker returned most of the stolen assets within the following 12 days, claiming that they were not interested in money, and the label of "white hat hacker" was born.
So-called white hat hackers are people who use the destructive attack methods typical of hackers to maintain network security, as opposed to black hat hackers. However, the most famous white hat hacker of 2021 did not obtain permission before carrying out the attack, and the amount involved was as much as $600 million. Only at the end did they return all the stolen assets, and Poly Network decided not to pursue legal responsibility.
In summary:
The frequent security incidents, coupled with the industry's plunge, have continuously undermined the confidence of blockchain participants. However, we can change our perspective and look at the development of the industry as a whole. If industry participants learn from these massive losses and pay more attention to building security, it will be truly beneficial for the thriving development of the blockchain industry.



