📕 BETTER THAN YESTERDAY WITH BSCSTATION #12: Blockchain Attacks You Should Know Part 5

Welcome to the last part of the “Blockchain Attacks You Should Know” series.

Let's wrap up with the “Mining Pools Attack” sector, shall we?

For major cryptocurrencies like Bitcoin, it has become impossible for individual miners to earn a profit, so miners unite their computing power by creating mining pools. This allows them to mine more blocks and each receives a share of the reward.

Mining pools represent a sweet target. Malicious miners try to get control over mining pools both internally and externally by exploiting vulnerabilities in the blockchain consensus mechanism.

Here are the most common attacks on mining pools.

Selfish Mining

Selfish Mining refers to the attempts of malicious miners to increase their share of the reward by not broadcasting mined blocks to the network for some time and then releasing several blocks at once, making other miners lose their blocks.

Possible measures for preventing this type of attack are random assignment of miners to various branches of pools, preferring the block with a more recent timestamp, and generating blocks within a maximum acceptable time. This type of attack is also known as block withholding.

On the surface, Selfish Mining seems lucrative. However, many are skeptical of its ability to severely impact Bitcoin. By centralizing the network in this manner, participants would be fundamentally removing the value proposition of the cryptocurrency. For them to be profitable, it is in the best interest of miners to act honestly. After all, their profit is denominated entirely in Bitcoin.

Fork After Withholding

Fork After Withholding (FAW) is a variation of selfish mining that turns out to be more rewarding for attackers. During a FAW attack, the malicious miner hides a winning block and either discards it or releases it later to create a fork, depending on the situation. The concept of this attack was explicitly described by a group of researchers led by Ujin Kwon.

The attacker (individual or pool) behaves as follows:

The attacker splits their computing power between innocent mining and infiltration mining, where infiltration mining is mining as part of a target pool, with the intent of taking advantage.

When an attacker finds an FPoW as part of infiltration mining in a pool, they hold onto the block privately without publishing it.

Depending on what happens next, the privately held FPoW block can either be released to target pool manager hoping to create a fork (as in selfish mining), or dropped altogether (as in block withholding).

Conclusion

Cryptocurrency and blockchain attacks do not happen often, but when they do, all parties involved in a network incur huge losses.

There is no one-size-fits-all way to protect yourself against such attacks, but staying informed about the different kinds of attacks, as well as phishing and trading scams, and fake giveaways and Airdrops.

Before investing in a cryptocurrency, it is also useful to perform due diligence and make sure if the cryptocurrency has not experienced any major cyber attacks. Reading a crypto’s whitepaper thoroughly and critically evaluating its use cases also helps.

Reddit user u/xCryptoPandax has a comprehensive guide on the forum on how to keep your computer and cryptocurrencies safe. Essentially, you should be using two-factor authentication (2FA) tools or password managers, and cold wallets to make sure that your passwords are encrypted, and your crypto wallets are not connected to the Internet.

Furthermore, even though cryptocurrency is all the rage right now, it’s still in its infancy. Investing in something that’s new comes with challenges, so be prepared to research first, and invest conservatively if you are worried about the risks.

Throughout this “Blockchain Attacks You Should Know” Series, BSCStation hopes we have provided our community with useful knowledge to help everyone integrate and adapt to the fast-paced, evolving Blockchain industry.

See you guys in future articles, with plenty more precious Blockchain knowledge to come!

About BSCStation

BSCStation - The fully decentralized protocol for launching new ideas. An all-in-one Incubation Hub with a full-stack Defi platform across all main blockchain networks. We provide exclusive services including IDO/INO Launchpad, Yield farming, NFT Auction, Marketplace, and BSCSwap

BSCStation operates on top of all the main blockchain networks and is designed to offer maximum value to consumers and institutions.

BSCStation platform uses the Sharing Economy Model for the purpose of profit-sharing, helping users to access DeFi platforms in the easiest, safest, and most cost-effective way. BSCStation is the most convenient bridge to connect users and application products on all main blockchain networks.

Website | Telegram | Substack | Twitter | Channel

The information provided in this article is intended for general guidance and information purposes only. Contents of this article are under no circumstances intended to be considered as investment, business, legal or tax advice. We do not accept any responsibility for individual decisions made based on this article and we strongly encourage you to do your own research before taking any action.