Can Current Crypto Security Protect Your Digital Assets?
The development and utility of the blockchain are impressive. Users have the ability to manage their money, invest and benefit from micro-economies in ways that are not possible in conventional financial systems. Users can access opportunities in staking, yielding, and transacting across chains. However, activity on the blockchain is not without its risk.
News of cyberattacks on various chains and inside decentralized exchanges is not uncommon, with Ethereum the most popular network in terms of locked-in value, which makes this a prime target for cyberattackers. It currently boasts over $114.49 locked in its various platforms and projects.
The level of cybercrime which is taking place is causing users to pause and reconsider their options on which DEX to use, and whether to start using cold storage for their holdings instead of keeping them inside wallets. And yet cold wallets or hardware wallets can also be attacked. Research was conducted into this where the researchers launched an attack on the Nano S Ledger wallet. The researchers were able to obtain private keys, PINs, recovery seeds, and passphrases.
Types of attacks
Of all cyberattacks conducted in the last decade, 80% of them have been on the blockchain. The total of attacks accounted for $2.5 billion, where Bitcoin and the altcoins represented a staggering $2 billion.
Attacks can commonly take place on exchanges, as you will see from the list below, but they can also take place on the chain itself, on the users’ wallet, through smart contracts as in the below example of the Wormhole attack, through transaction verifications by double-spending, and through mining pools where miners pool together to bring greater rewards. This represents a sweet spot for attackers.
Here are some of the more memorable attacks
Just this week, one of the most commonly used bridges which connect the Ethereum and Solana chains was breached, with users losing over $320 million worth of coins.
Poly Network 2021
This represents decentralized finance’s 2nd largest-ever breach, following that of the Poly Network, which saw the protocol losing around $600 million, before a surprising turn of events which saw the attacker returning a large chunk of the coins.
Mt. Gox 2011 and 2014
No list would be complete without mentioning Mt. Gox. This represented the first major breach in the crypto realm. This Japanese exchange was launched in 2010 and was at one point the largest exchange in the world – transacting around 70% of all Bitcoin activity worldwide. The next year after launch, the exchange was attacked leading to around $.75m being stolen. The same exchange, which had guaranteed that it would shore up its security, was then attacked again in 2014. This time around 850,000 bitcoins were stolen. It was accomplished by the criminals flooding the exchange with fake bitcoins. The exchange suddenly found itself in deep water as it faced numerous lawsuits, particularly about its unencrypted source code which could be overwritten by any programmer.
More recently, the world-renowned exchange Coin played host to a major attack, which in 2020 saw criminals steal over $280 million worth of crypto. In addition, hackers got hold of the keys on some of the biggest wallets on the exchange. This remains one of the largest hacks.
What’s the solution?
While security is integrated across all blockchain networks and through DEX’s and blockchains are created to resist conventional attacks, criminals are becoming ever more sophisticated in their approach to attacks. Hence, the need for security providers to enhance their tools.
One provider that is offering a solution at the wallet level is a company called BlockWallet. Its goal is to make crypto transfers as private and secure as users experience with their bank transfers. The solution allows users to engage with privacy smart contracts on the Ethereum network while providing a layer of privacy to the amount and origins of the holdings inside the wallet. The wallet holds the coins in a decentralized and non-custodial way. The wallet works by protecting privacy in crypto transactions, for instance, every time a user makes a withdrawal a new wallet address is created so that the user cannot be connected to the depositing address. This solution will also offer protection on DeFi web3 integrations and support for Metamask Snaps Plugins, which will enable frictionless connectivity and usage.
New projects must consider having the safety of their platform or tool tested before rolling out and taking on board value. Users must be careful about how they store their holdings and save their passcodes and seed phrases. The key is for users to always place privacy and security above all else.