Decentralized finance (DeFi) platforms have suffered significant losses due to a series of exploits in February, with at least $21 million in crypto being drained from seven protocols, according to DeFi data analytics platform DefiLlama. Among the notable incidents were the flash loan reentrancy attack on Platypus Finance, which resulted in $8.5 million in losses, and the price oracle attack on BonqDAO, which saw an exploiter manipulating the price of AllianceBlock (ALBT) token, causing a loss of an estimated $120 million, although the attackers reportedly only managed to cash out $1 million due to a lack of liquidity on BonqDAO.
Other exploits included a reentrancy attack on Orion Protocol, resulting in a loss of roughly $3 million, and another on dForce network, leading to around $3.65 million in losses. However, in a surprising turn of events, all funds were returned to dForce when the attacker revealed themselves to be a white hat hacker. The attack on Platypus Finance was also notable because the team announced their intention to return 78% of the main pool funds by reminting frozen stablecoins.
Smart contract exploits were also prevalent, with the algorithmic stablecoin project Hope Finance losing roughly $2 million due to a smart contract exploit, and multichain exchange aggregator Dexible experiencing a loss of $2 million worth of cryptocurrency through an exploit that targeted the app’s selfSwap function.
Additionally, BNB Chain-based DeFi protocol LaunchZone suffered a loss of $700,000 worth of funds due to an attacker leveraging an unverified contract.
These incidents come after blockchain data firm Chainalysis revealed in its 2023 Crypto Crime Report that hackers had stolen $3.1 billion from DeFi protocols in 2022, accounting for more than 82% of the total amount stolen in the year.
Despite the losses, the DeFi space continues to grow, with the total value locked (TVL) in DeFi protocols reaching over $104 billion as of February 28, according to DefiLlama. The platform also noted that the number of users on DeFi platforms has steadily increased since 2020, with over 5.8 million unique addresses interacting with DeFi protocols in February 2023.
These incidents highlight the need for continued vigilance and improvement in DeFi security measures to prevent such exploits from occurring. While the DeFi space has seen significant growth and innovation in recent years, it is clear that security remains a crucial concern that must be addressed to ensure the continued success and sustainability of the ecosystem.
New research conducted by Unstoppable Domains, Efani, and NGRAVE suggests that more than half of crypto investors, taking 54% of the respondents, store their security keys on a paper wallet amid intensified cyber attacks.
More than half of crypto users (54%) continue to keep their backup on a paper wallet. Furthermore, 50% of respondents stated that if someone were to find their backup, their keys would be compromised, per the report.
The study scrutinized investors’ attitudes towards asset security in the crypto space. It was undertaken in 87 countries, with 2,000 people being surveyed.
Ruben Merre, the CEO and co-founder of NGRAVE, noted:
“The results of our annual Security Self-Audit show that there are glaring gaps in the methods investors are using to ensure the security of their assets, especially at a time when high-profile and high-value breaches are becoming increasingly common. It is clear that there is much to be done to secure the crypto assets of investors the world over, if the industry is to avoid the hacks that we have seen in recent months.”
On the other hand, most respondents had a preference for exchanges. The research stated:
“62% of respondents store part of their crypto on multiple exchanges, while a third of people store more than 40% of their crypto on a single exchange, leaving them vulnerable to a single point of attack.”
According to the study, the wallet of choice was a QR-code based hardware wallet, with 6 in 10 respondents using one. Furthermore, the use of these wallets also doubled from 10.4% to 21%.
Merre noted that despite 54% of crypto investors keeping their security keys in a paper wallet, this trend declined compared to 67% recorded last year as other options like social backups through Shamir Secret Sharing (SSS) were coming up. He added:
“This trend speaks in favor of the use of metal backups, which grew significantly from 15.8% to 25% over the course of the last 12 months.”
Merre believes investors ought to trust that their assets are secure and safe for mass adoption to happen in the crypto industry.
Some of the mistakes that should be avoided when securing crypto assets include not using a brain wallet, avoiding custodial wallet options, and not paying for a wallet, Blockchain.News reported.
Australia’s top cyber spies are set to gain greater powers in the event of ransomware or other cyber attacks on critical infrastructure.
The Australian Signals Directorate (ASD), a government agency in charge of cyber warfare and information security, would be able to take over control of critical infrastructure — including energy, communications and banking systems — under new legislation introduced into Parliament.
The legislation even includes health care and grocery businesses under the definition of critical infrastructure and imposes new positive security obligations.
For ASD operatives to provide assistance, operators from the affected infrastructure would have to report a serious cyber incident.
According to The Australian newspaper, the Critical Infrastructure Bill will be introduced to parliament, on Wednesday, with bipartisan support from the committee that examined it.
Home Affairs Minister Karen Andrews stated the measures proposed will ensure the safety of essential services that Australians rely on:
“Recent cyber-attacks and security threats to critical infrastructure, both in Australia and overseas, make these reforms critically important.”
But a coalition of Australian and international tech industry groups is opposed to the new law. “Without significant revision, the bill will create an unworkable set of obligations and set a troubling global precedent,” they wrote in a joint letter.
There have been a string of high-profile ransomware attacks this year, including the Colonial Pipeline cyber attack in the United States in May, which forced governments around the world to rethink their vulnerabilities and highlighted crypto’s role in the attacks.
Another ransomware attack in May, on Australian meat processor JBS, pushed Australian lawmakers to take a tougher stance. A new Ransomware Action Plan, which was released last week, will allow Australian authorities to seize or freeze financial transactions in cryptocurrencies that are associated with cybercrime, regardless of the country of origin.
The Parliamentary Joint Committee on Intelligence and Security said the “threat of cyber security vulnerability and malicious cyber activity has become increasingly evident in recent years” with about a quarter of reported cyber security incidents affecting critical infrastructure organizations.
What happens when your Lightning Network routing node is fed with garbage transactions that never resolve? In short, it causes a lot of grief for routing nodes. What was once a smooth, global payment system can be locked up with trivial effort from a savvy script writer.
Working in a small team of routing nodes, we successfully ran a test of the attack with real funds and demonstrated the “griefing” attack described by Joost Jager. The attack is called a grief attack since it is not a theft of funds, but it causes a victim’s Lightning funds to be frozen: a major upset. What we found is that griefing is a serious threat to large “wumbo” channels expecting to earn a yield on their bitcoin, only to have their funds frozen for a period of time.
This is mostly a grief attack: no loss of funds, but the victim may be forced to pay for an expensive channel force close. This is a known vulnerability on mainnet Lightning and it needs to be understood and prioritized, especially at this early market stage of Bitcoin’s Lightning Network.
Thanks to Clark Burkhardt and Phillip Sheppard for their willingness to participate in this test and to Jager for his tireless work to bring attention and priority to this vulnerability. Jager played the role of the attacker for our demonstration, while Burkhardt and Sheppard joined me as connected victim routing nodes.
How The Attack Works
The attacker saturates one (or several) channel(s) with Hashed Time Locked Contracts (HTLCs) that don’t resolve as a finalized payment. These are a special breed of HTLCs known as HODL invoices. Only 483 of these unresolved HTLCs are required to overwhelm a channel per direction. Once those HTLCs are in the channel, any transactions using that same channel direction are impossible, including a transaction to cooperatively close that channel.
In theory, an attacker could contact the victim (perhaps via a keysend message or in an “onion blob”) and demand a ransom be paid to halt the attack. Once the ransom is paid, the attacker could remove the unresolved payments, ending the attack. The attack can be sustained indefinitely, halting all routing and payment activity in that channel. This freezes the funds in the Lightning channel.
Both directions of payments can be stalled in a channel by using 483 HTLCs in each direction, both inbound and outbound.
Thunderhub view of my balanced channel to Burkhardt under attack. The channel shows as “Not Active,” as if Burkhardt were offline, but he wasn’t. The amount in blue is the local balance in sats, the amount in green is the remote balance in sats owned by Burkhardt. Source: Thunderhub.
Why Would An Attacker Do Something Like This?
The first motive that comes to mind is to demand a ransom. This attack causes pain for the victim and paying a ransom may be attractive to a victim, even without assurance that the attack would stop. Contacting the victim might be risky for an attacker, but a ransom payment might not be the only reason someone would do this.
A secondary incentive for launching a griefing attack would be to disrupt routing competition. Jamming a competitor’s route could create more demand for a route owned by an attacker.
As a benchmark, consider that Lightning Labs’ Loop node has an ongoing demand for liquidity for which it will sometimes pay a 2,500 parts per million of the payment (ppm) (0.25 percent) fee rate. In my experience, they would normally exhaust 16 million sats’ worth of liquidity in about two weeks (5.2 percent annual percentage rate), but that is with competition present.
If an attacker could disable any competing route with lower fee rates, Loop may be willing to pay a higher fee rate (since the supply of liquidity is now reduced). Let’s say Loop would pay 3,000 ppm (0.3 percent), as well as use that liquidity more quickly since no other channels are functioning. Loop might use that liquidity in half the time, say one week. The attacker would more than double their usual yield to 15.6 percent APR in this example. The only cost to the attacker is the cost of running a script on an existing channel and the psychological cost of doing something immoral/damaging to the Lightning Network. With a single attacker channel, a malicious actor could jam about nine channels (see Jager’s tweets about this).
What Would The Victim Of This Attack Experience?
The victim of this attack wouldn’t really know that this attack was happening unless they had some special alerts set for pending HTLCs. For Thunderhub users (a highly recommended tool), the home screen will show a chart of pending HTLCs as well as a warning stating that channels can only hold 483 pending HTLCs.
Source: Thunderhub
In practice, my node quickly became unreliable and experienced several app crashes, including Thunderhub, which was the only app to notify me of the problem. Then, thanks to my “Balance of Satoshis” Telegram bot, I got a channel closing notification. The channel under attack force-closed itself! That was not supposed to be part of the experiment. (For more technical information on the involuntary force close, see below for additional force-close data.)
A test payment using the channel with Burkhardt (salmiak) failed due to the attack. This warning reports that Burkhardt’s node is offline, though it was online. Source: Thunderhub.
What Can The Victim Do To Stop A Griefing Attack?
Once an attack starts, a victim essentially can’t do anything to stop it. The only alternatives available to halt an ongoing attack would be to force-close the channel being attacked, which means that the terrorists win.
To add insult to injury, force-closing the channel will push the unresolved payments to the on-chain transaction data, triggering secondary on-chain transactions for the initiator of the force close. At 50 sats/vbyte and 483 on-chain transactions, that’s easily a 1 million sat price tag to force close a single channel under attack (a $368 channel close fee at today’s prices). The multiple on-chain transactions only occur if the output is above the minimum payment “dust” limit. (See this example on testnet.)
The initiator of a Lightning channel pays the closing fee.
Another reason why you may not want 483 (non-dust) htlcs is that a potential force-close transaction at 50 sat/vB looks like this: https://t.co/z6mAGZxvrC.
The closing fee is getting expensive at over 1 million sat.
— Joost Jager (@joostjgr) September 28, 2020
How To Prevent A Griefing Attack
Jager has been working on a proof-of-concept program to help isolate and fight attackers. He’s calling his program “Circuitbreaker.” The Circuitbreaker works at a network level, which unfortunately means that everyone has to participate for it to be effective.
Beyond that, this issue needs prioritization and attention from dedicated engineers/developers to find better solutions. There have also been some good discussions on modifying the protocol in the Bitcoin Optech newsletter (issue #122 or #126).
This attack can be executed today. It is a miracle that it hasn’t already been used maliciously. It’s a reflection of the incentives for those using Lightning today so that it can become an open, universal payment network. Please share this post as you see fit to encourage and inspire more work to fix this problem before it causes real harm.
Additional Technical Information About The Involuntary Force-Close
Here are the logs from my node running LND 0.11 at the moment that the above mentioned involuntary force-close occured:
2020-11-26 21:24:47.374 [ERR] HSWC: ChannelLink(657759:561:0): failing link: ChannelPoint (c37bec006b18df172698a84739ca47128935e0a8666fecd1a843e49b01db207c:0): received error from peer: chan_id=7c20db019be443a8d1ec6f66a8e035891247ca3947a8982617df186b00ec7bc3, err=rejected commitment: commit_height=455, invalid_commit_sig=3044022076fd65191eb6305b723fa6012be378413b6326e2786c38db58b4c02e1f3999d202207605ca31de8b4c5b1d9cd20dc1581dfa2383e0b4e06c8ad4f718ab5c434d8cf5, commit_tx=02000000017c20db019be443a8d1ec6f66a8e035891247ca3947a8982617df186b00ec7bc300000000008a792e8002210d0000000000002200201031cf10a1efef261edd3d0a1a6a953b27bc25bd7150bb2b07afdc69805e02157213000000000000160014de650929042bef58b71783ae1a44834a902a8f2d542ca720, sig_hash=4e0fb804c74376020e4c44a60969b9206eb0aaa9a89b76017d60f23ad5cf63e5 with error: remote error
The logs show an “invalid_commit_sig” which is a known issue in LND. Supposedly, this can happen upon reconnecting and isn’t a direct result of the channel jamming. The volume of pending HTLCs unfortunately makes it more likely to happen. Jager helped explain the process as channel jamming –> endless payment loop (bug) –> node down –> reconnect –> invalid commit sig (bug) –> channel force-close.
The “endless” loop bug is a known bug that occurs when the HTLC limit is reached and an additional HTLC is sent. Instead of ending in a payment failure, LND will continue to attempt the payment in a loop. To help with this bug, see LND issue #4656.
This is a guest post by Jestopher. Opinions expressed are entirely their own and do not necessarily reflect those of BTC Inc or Bitcoin Magazine.
The company itself is offering no assistance and no reimbursements to the escalating number of victims of its slipshod security.
The fallout from the second major data leak from the company that promised to be safer than keeping crypto on exchanges is intensifying. On December 21, a hacker leaked the details of as many as 270,000 Ledger customers to public forums.
That data, which includes email addresses, phone numbers, and even physical addresses, is now being hoovered up by scammers who are beginning their attack run.
SCAMMERS ARE GOING WILD
Sending fake emails pretending to be Ledger apologizing for the data leak and phishing you to install “latest version”
BEWARE!!
— Ivan on Tech (@IvanOnTech) December 21, 2020
Customers Vent
SIM swapping attacks have become a real and present danger due to the nature of the data leaked. Some users are already reporting that they have been targeted by this scam following the Ledger breach.
@ledger is hacked, and the next day I have my sim hacked! WTF. Its currently happening. No service on my phone, they got into authenticator app and are requesting password changes to several sites including @coinbase. #crypto Not even sure what to do.
— JimboChewdip (@jimbochewdip) December 22, 2020
In a nutshell, SIM swapping is when a malicious actor contacts the victim’s mobile service provider in order to convince the call center employee that they are indeed the victim themselves using their personal data.
The attacker then asks the provider to activate a new SIM card linked to the victim’s phone number on a new phone, which they are holding. With this, they can access 2FA security measures used by Ledger devices, reset passwords, and empty the wallets.
Aside from the obvious phishing scams, which have plagued Ledger users since their first data breach in June 2020, there is another threat of ransom attacks being employed since physical addresses were also leaked.
Casa HODL co-founder Jameson Lopp has had firsthand experience of such an attack when his home address was SWATted in 2017.
Protect your private keys with hardware. pic.twitter.com/t1PzfWnLeA
— Jameson Lopp (@lopp) December 21, 2020
Contacting Ledger is fruitless as the company refuses to assist its customers who have lost funds due to its negligence or otherwise.
Ledger appears to be losing credibility fast as the backlash continues;
New products by @Ledger to practice fucking yourself released just before christmas. pic.twitter.com/otM4MYkSax
— Todd Provoker (@Th0t_Provoker) December 21, 2020
Ledger: No Reimbursements
Speaking to Decrypt, Ledger CEO Pascal Gauthier said that the company will not reimburse customers who have had their personal data leaked online.
“When you have a data breach of this magnitude for such a small company, we won’t reimburse for a million users, all the devices, that’s just not possible. It would just kill the company,”
Gauthier tweeted that funds on Ledger devices are still safe; however, this is clearly not the case as they can and have been removed with spurious transactions unauthorized by the owners.
The responses were vociferous, to say the least as there was not even an apology and the company appears to have washed its hands of the consequences and unimaginable fallout of the incident.
Enjoy reading? Please share:
SPECIAL OFFER (Sponsored)
Binance Futures 50 USDT FREE Voucher: Use this link to register & get 10% off fees and 50 USDT when trading 500 USDT (limited offer).
PrimeXBT Special Offer: Use this link to register & enter CRYPTOPOTATO35 code to get 35% free bonus on any deposit up to 1 BTC.
