How Blockchain Applications Can Be Hacked, And What You Can Do To Prev


Presentation Description

No description available.


Presentation Transcript


https ://


How Blockchain Applications Can Be Hacked, And What You Can Do To Prevent It Despite much of the early hype,  blockchain applications  are not “ unhackable .” In the last year, a handful of highly visible attacks against blockchain -based tools served as a reminder that there’s no such thing as flawless security. Luckily, none of the recent blockchain compromises have done lasting damage to its overall public image. In fact, cryptocurrency is more popular than ever before. With this in mind, spreading awareness of blockchain security issues has become a key task for the crypto community. Following these highly public incidents, developers and end users alike are discussing ways in which cryptocurrency security can be compromised, and the various countermeasures most effective against it.


Bitfinex made early promises to repay all of its investors in full, a goal it was able to meet by April 2017. This helped to quell speculation that the exchange was compromised from within and helped rebuild its overall reputation. The repayment and overall recovery of Bitfinex marks it a success story, and today the Hong Kong-based exchange has reasserted itself as a leading cryptocurrency trading platform . The takeaway from the attack on Bitfinex is that well-known hacking methods are very much present in the cryptocurrency realm, no matter how strong the blockchain might be. The attack did not reveal any weaknesses in blockchain protocol itself, but a layer of encryption that was added to it. This additional protection was the site of exploitation — i.e., the place where the private key was taken . Stealing private keys has been a hacking strategy since the rise of key-based encryption, and often happens through  social engineering . If social engineering was indeed the culprit in this case, the attack may have simply been prevented by sharper awareness and defensiveness. Even in the “ unhackable ” territory of blockchain , there’s no shortcut for individual vigilance.


Another recent attack likewise stemmed not from protocol weakness, but missteps taken by an external party. TheDAO hack was a very regrettable affair: it not only resulted in net financial loss, but reflected poorly on the idea of  DAOs  and undermined confidence in the  Ethereum blockchain . The strong controversy over the hard fork that resulted from theDAO hack stands as a significant chapter in the Ethereum saga. This incident resulted from a weakness in the  smart contract  written for it — not the blockchain itself. Since its inception, Ethereum has been committed to open source. Accordingly, it supports the type of third-party development that was necessary to create theDAO . But there is risk associated with the creation of third-party applications, even if the platform on which it is built has proven strong. Developers make mistakes, especially when they’re not backed up by a large and well-established team. Unfortunately, theDAO was an attractive target for those who keen to exploit this type of oversight.


Thank You