Sunday, January 16

The list of names of the most common attacks suffered by blockchains

In Blockchain Observatory we have prepared a list with the names of the most important attacks suffered by blockchains. Cryptocurrencies and the blockchains that allow their use have been the victims of multiple attacks since the appearance of Bitcoin in 2008. In the last 5 years, at least 43 cryptocurrency exchanges and 49 DeFi protocols have been publicly hacked. These attacks have resulted in losses of more than $ 2.8 trillion.

List of blockchain attacks

51% Hack

The 51% attack is a direct attack on a blockchain. In it, a group of miners is able to control more than 50% of the network’s hash rate. Gaining that control means that completed transactions can be confirmed and reversed, thus causing the problem of double spending. Double spending implies that the same cryptocurrency can be spent more than once.

Sybil Attack

Sybil seeks to affect the network that is being attacked, creating multiple identities of the same person. The attack is executed by creating a large number of accounts or nodes, in order to have more activity on the network. If enough fake identities are created, attackers may be able to outvote honest nodes on the network. A large-scale Sybil attack could amount to a 51% attack and take over an entire network.

Crypto hacks add losses of more than $ 500 million in 15 days

Consensus mechanisms are used to reduce the possibility of such attacks. For example, Bitcoin uses Proof Of Work, which requires a lot of computational power to create a new block. In this way it is more difficult and expensive for the attacker to carry out his plan.

Eclipse Attack

It is similar to Sybil Attack, but here the target is a single node. It consists of isolating a node from the network, then attacking it with false information and disconnecting it from the network of valid data. For example, in the Bitcoin network, the mining nodes require powerful equipment with high computational power to add new blocks. However, non-mining nodes (Full Nodes) can be run with minimal computational power, allowing further decentralization of the network. The disadvantage is the limitation of these nodes in bandwidth.

Polygon rewards $ 2 million to hacker who detected $ 850 million vulnerability

It is relatively easy to steal connections through a botnet that gradually detects the IP addresses of the rest of the nodes on the network. So when these nodes restart their connection to the network voluntarily or through a DDoS attack, they connect to the attacker’s IP address. At this time, malicious nodes are in control of the victim, without overall network visibility.

Replay attack

These types of attacks are usually executed during the implementation of a Hard Fork (update of a blockchain). It consists of intercepting a valid data transmission through one network and repeating it on another network. For this reason, these types of attacks are easier to carry out when creating a Hard Fork, since it is the moment where two blockahins originate: the old one and the updated one. One way to defend against this attack is to add a time stamp to the data transmission.


Phising occurs when someone with the intention of stealing your wallet keys, pretends to be a reputable entity or company and asks you to enter personal data. Typically, they lure the user in by telling them to change their password for X site or that there is some error and they need you to re-enter their credentials.


It consists of introducing malware into the system to get all the important data of the victim and encrypt it. Once encrypted, the victim does not have access to these and is when a ransom is requested through a message or pop-up window. An example is the Ransomware attack on the Health Service Executive (HSE) in Ireland.

Poly Network Offers Company Security To Hacker Who Stole $ 613 Million From It

Exchange Hack

One of the dangers facing the crypto community is hacking of exchanges, as happened to Mt Gox in 2014, where 850,000 BTC was lost. When we have our cryptocurrencies in a centralized exchange we are exposed to losing our money if the company suffers a hack. In this sense, it is usually recommended to have cryptocurrencies in a cold wallet, so as not to depend on a centralized company.

Hacker Who Stole $ 600 Million From DeFi Poly Network Returns $ 342

DeFi Hack

An attack on DeFi consists of accessing blocked funds through some type of vulnerability in the protocol. Typically, they are done through flash loans or manipulating oracles.

Rug Pull

A Rug Pull consists of creating a worthless token and listing it on a decentralized exchange (DEX), where it begins to trade in a liquidity pool. The scammer convinces different investors to provide liquidity and raise the price of the token. At that moment, the scammers do a Rug Pull (they pull the mat) and take all the money invested in the pool, leaving the investors with a worthless token.

You can also follow us on our channels Telegram Y Twitter.

Leave a Reply

Your email address will not be published. Required fields are marked *