Connect with us

Cryto Mining

Rented Hash Power For 51% Attacks Is A ‘huge Vulnerability’ For Proof-of-work Blockchains, Says ETC Labs CEO – Forkast News

Published

on

The culprits behind the recent 51% attacks on Ethereum Classic used rented mining hash power to carry off their heists, exploiting a vulnerability common to cryptocurrencies that rely on “proof of work” as their underlying technology. 
Rented mining hash power is at the center of all three attacks on ETC last month, which resulted in millions of dollars in losses and delivered a significant blow to the reputation of PoW protocols previously believed to be immutable and “unhackable.” 
“It’s actually a huge vulnerability in the system,” said Terry Culver, CEO of ETC Labs, an incubator of projects on Ethereum Classic, in an interview with Forkast.News
“Three attacks in one month will tell you that security is an issue on Ethereum Classic. And we believe and know that other blockchains get attacked more regularly, maybe with less visibility,” Culver said. “It’s a universal problem.”
The cryptocurrency space has been trying to weed out criminals and tighten up security, including the implementation of “know your customer” and anti-money laundering (KYC/AML) procedures, increased regulations from governments, and enhanced security systems to stave off hacking.
But despite these efforts, malicious actors continue to exploit a core feature of many blockchain systems — decentralization and the requirement that there must be a 51% consensus of the protocol’s nodes to control the network. 
“The [cryptocurrency] system is maturing, but the hash rental market is actually growing,” Culver said. “Think of it like, you turn the light on, and where do the mice go? [Malicious actors have] left the exchanges for the most part, and they’ve moved into the hash rental market.”
Proponents of PoW systems would say that the 51% requirement needed to gain consensus would make it very hard to hack large blockchain protocols like Bitcoin and Ethereum. But there is still a theoretical possibility if someone or a group manages to gain 51% control over those networks. The risks of a 51% attack increases for smaller cryptocurrencies that don’t have as many nodes, as it would be relatively easier to take over the network of a smaller network while still turning a profit.
For example, it would take over US$513,000 to perform a 51% attack (at the time of this publication) for one hour on Bitcoin, but only about US$3,800 for a similar attack on Ethereum Classic, which is why the smaller network may be much easier and more profitable for malicious actors to attack.
“The hash rental market is like under a rock somewhere, it’s totally anonymous,” Culver said. “They’re basically money laundering operations. So you could take your BTC from ill-gotten gains, rent hash power, and get out freshly-minted tokens with no provenance.”
How did they do it? The malicious actors behind the first two attacks on ETC in August were able to achieve 51% dominance over the network by renting hash power from NiceHash provider daggerhashimoto, based on an analysis by Bitquery, a data intelligence firm.
Slovenia-based NiceHash is an online platform where customers can rent hashing power from sellers providing the computing power to mine cryptocurrencies. 
By using this rented hash power, the attackers behind the first and second attacks on Ethereum Classic were able to “double spend” over US$7 million by overwriting entries in the blockchain, reversing or even changing the destination of transactions. In other words, the attackers had almost complete control over the network and were able to route money as they pleased.
NiceHash has previously been embroiled in controversy. In 2019, its former chief technology officer and co-founder Matjaz Skorjanec was arrested in Germany over U.S. charges of being involved in a hacking group that organized the theft of millions of dollars. 
NiceHash itself was hacked in 2017, resulting in the loss of an estimated US$78 million in bitcoin.
The August hacks were not the first time Ethereum Classic suffered from such breaches, as a similar 51% attack occurred against ETC in January 2019. Hackers have also launched successful 51% attacks on a number of other smaller cryptocurrencies, including Bitcoin Gold, Verge and Monacoin in 2018.
“Computers are getting better, it’s going to keep getting easier and easier to get control of the computer power necessary to do these things,” said Benjamin J. A. Sauter, partner at New York-based international law firm Kobre & Kim, which is representing ETC Labs in investigating and suing the hackers. 
Moreover, the concentration of hashing power in China has also been shown to be a risk for cryptocurrencies, as recent flooding in the country’s Sichuan province destroyed thousands of crypto miners. Sichuan province, which is known for its cheap hydropower, has been a popular location for cryptocurrency mining farms looking to save money, but the floods and landslides caused a distinct drop of BTC hashrate in Chinese mining pools.
See related article: How Ethereum Classic’s 51% attacks reveal risks to Bitcoin and Ethereum
In a statement addressing the recent attacks and allegations from ETC Labs, NiceHash says that it “does not support or enable 51% attacks” but also concedes that its hash power “might be abused by the attacker’s pool.”
NiceHash says it takes steps to prevent or help prevent market disruptions and manipulations, and cooperates with law enforcement conducting investigations on activities which break their terms of service and privacy policy.
Forkast.News has reached out to NiceHash for additional comment, but has not received a response as of the time of writing. 
Despite the hacks and the numerous monetary losses, the crypto community have largely said they prefer to pursue malicious actors privately instead of bringing in greater government regulation and scrutiny. 
As a result of the attacks on Ethereum Classic, ETC Labs has announced that they are developing a strategic plan to protect the integrity of the ETC ecosystem. The plan includes cooperating with miners to maintain a consistent hash rate on the network, advanced monitoring to identify anomalies or spikes in the hashrate, and eventually changing the PoW mining algorithm.
“By and large, I think the space doesn’t want the government to become deeply involved in how the exchanges operate and try to remedy wrongs,” Sauter said. “I think the industry as a whole wants to be able to self-regulate and have an environment where the government doesn’t need to be in the weeds. But as long as there’s not an effective private resolution, it’s how problems are going to be solved.”
This is a thought-provoking observation. 🤔

By definition, a decentralized cryptocurrency must be susceptible to 51% attacks whether by hashrate, stake, and/or other permissionlessly-acquirable resources.

If a crypto can’t be 51% attacked, it is permissioned and centralized. https://t.co/LRCVj5F0O1
The cryptocurrency industry has seen increasing government interest, stricter rules and moves toward regulations in recent times, including the U.S.’ Financial Action Task Force’s guidelines for virtual asset service providers like exchanges to include the personal information of people transacting over US$1,000. 
Another U.S. agency, the Commodity Futures Trading Commission (CFTC) also announced a strategic plan to regulate cryptocurrencies by 2024. The U.S. Security and Exchange Commission (SEC) may also be on track to shift its views on how it determines cryptocurrencies to be securities, according to SEC commissioner Hester Peirce. 
“Capital markets can transform people’s lives, and so allowing the financial system to reach more people means that we have to really revisit some regulatory features that are in place now,” Peirce said in an interview with Forkast.News. “Crypto is an opportunity for us to be introspective and to say, hey, are we handling innovation right?”
Rented hash power might be a new sector where the industry may prefer to resolve disputes privately before the government steps in, Sauter said.
“If you don’t [have a framework for private dispute resolution], the only other choice that the victims of frauds have is to go to the government,” Sauter said, adding that those actions led to a wide crackdown on cryptocurrency business by the SEC and CFTC. “The industry would like for the government to take a hands-off approach, but that’s just not going to be a long-term, feasible solution if there’s also no way to figure out who is abusing the system.”
To bring the cryptocurrency industry out of the Wild West of scams and hacks that proliferated during the ICO bubble of 2017 would require increasing controls and checks on the system — through government or private organizations.
“If there’s a market for renting, I don’t think that itself is a problem,” Sauter said. “But if you’re doing it without keeping track of who your customers are and doing the same kind of due diligence that the exchanges are doing now, so that you’re able to trace back these kinds of frauds and hold people accountable when they abuse it, then you’re part of the problem, not the solution.”
NiceHash begs to differ.
“Just like ISPs can’t guarantee that all internet traffic is not malicious, NiceHash cannot be responsible for the security of every blockchain infrastructure,” the hash power provider said, in a statement. “The question of security becomes the question of the community and its creators. We must accept that if we want a true decentralization.”
Bryan Michael Galvan is a journalist who has worked for the South China Morning Post and has a Master’s degree from the University of Hong Kong’s Journalism and Media Studies Centre.
Subscribe to our newsletter
Get smarter with context and commentary on the week’s top blockchain & crypto trends in Asia.
Subscribe to our newsletter
Get smarter with context and commentary on the week’s top blockchain & crypto trends in Asia.

source

Continue Reading
Click to comment

You must be logged in to post a comment Login

Leave a Reply

Cryto Mining

Tim Cook said Apple is looking at cryptocurrency – Here’s what the company is likely to do – 9to5Mac

Published

on

December 28, 2021
Bradley Chambers
– Dec. 28th 2021 6:00 am PT


A few weeks ago, Apple CEO Tim Cook made headlines when he said he personally owns cryptocurrency while mentioning that Apple is looking at it from a technology perspective, but not from a treasury decision. What will Apple do with Bitcoin and cryptocurrency?

(adsbygoogle = window.adsbygoogle || []).push({});

It’s something we are looking at, it’s not something we have immediate plans to do. I would characterize it as there are things that I would not do like our cash balance. I would not go and invest that in crypto not because I would not invest my own money in crypto, but because I don’t think people buy Apple stock to get exposure to crypto. So if they want to do that, they can, you know, invest directly in crypto through other means. And so I would not do that. I’m not planning to in the immediate future to take crypto for our products. As a mane of tender, but there are other things that we are definitely looking at.
During the interview, Cook revealed that he owns cryptocurrency, saying “it’s reasonable to own it as a part of a diversified portfolio,” while also noting that he’s “not giving anybody investment advice.” However, Cook didn’t mention if he owns Bitcoin or another particular type of cryptocurrency.
Apple has plans for its retail financial arm. Its Apple Pay service allows people to send money in particular jurisdictions over iMessage. It also has its Apple Wallet app and associated Apple Pay services for mobile payments. Apple wants to grow its services business, and siphoning off banking services is an ideal way to do it. What does this have to do with cryptocurrency?
I believe that Apple will build a Bitcoin wallet directly into Apple Wallet shortly while also allowing for a low-cost way to purchase Bitcoin on iPhone.
With Bitcoin wallets – where you maintain full control of your bitcoin and move it off an exchange like Coinbase –you are responsible for securing your wallet with a seed phrase. I personally reccomend using a couple of Trezor, Ledger, or Coldcard hardware wallets with a multisig vault with a company like Unchained Capital to eliminate single points of failure with your Bitcoin wallets. I also recommend using a steel wallet like billfodl or SEEDPLATE for securing your seed phrase in case of hardware failure.
For newcomers to Bitcoin, this whole process might seem overwhelming, which is why I think Apple might approach it in a couple of ways:
If Apple operates as a Bitcoin exchange, they’ll let you buy bitcoin directly in the Apple Wallet app using whatever payment methods you have on file. They’ll allow you to store your holdings in Apple Wallet while Apple itself will retain the keys. It’ll look a lot like what Cash App or Coinbase does, where you can send, receive, and store Bitcoin without needing to store your seed phrase.
If Apple sets up a software wallet directly on iPhone, it’ll likely look similar to BlueWallet, where you take self custody of your Bitcoin with a seed phrase backup. You’ll own the keys to your Bitcoin directly on your iPhone and be responsible for backing up the seed phrase. If Apple goes this route, I suspect they’ll build in an encrypted iCloud backup of your seed phrase that’s tied to multi factor authentication in such a way where only you can decrypt it. It’s not ideal, but it’s better than nothing.
Finally, Strike is a company I could see Apple partnering with for global Apple Pay Cash transactions. Twitter is already working with the company for its tipping service. Strike does a couple of things that could be of interest to Apple:
It accomplishes the global payment system using Bitcoin as the transaction medium. If I want to send someone in another country money, I input dollars, it converts it to Bitcoin and converts it back to local currency when received. It sounds simple, but it’s a pretty revolutionary way to process payments globally for free.
I just published Announcing the Strike API
Today, @Twitter enables free, instant, global payments for their users with their integration of the Strike API.
What the internet did for communication, #Bitcoin + the Lightning Network is doing for money.https://t.co/jHkY6knXkP pic.twitter.com/FXujknG7sM
— Jack Mallers (@jackmallers) September 23, 2021

Ultimately, Bitcoin is becoming a significant force to be reckoned with in our world. With a finite supply, decentralization, and digitization of our financial system, it’s likely to continue to play a significant role as digital gold and global settlement network. Apple doesn’t want to miss a massive shift in technology as it seeks to drive services revenue and become a significant player in the financial services industry.
It’s also possible Apple will use Bitcoin as a transaction layer with its online store when the company is concerned about the stability of the local currency as we saw recently in Turkey.
Bitcoin’s energy usage is a common discussion among its critics. While there is a lot to unpack here, I’ve found the video I’ve embedded below to be a great resource to explain how there’s more to the discussion about Bitcoin and energy usage than most people would lead you to believe.
TL;DW: The Bitcoin network uses less energy than the use of Christmas lights in the US.
What do you think Apple will do with Bitcoin and cryptocurrency? Leave a comment below! Interested in learning how to buy Bitcoin? We’ve put together a detailed guide on the best apps for buying Bitcoin on your iPhone
FTC: We use income earning auto affiliate links. More.
Check out 9to5Mac on YouTube for more Apple news:
Breaking news from Cupertino. We’ll give you the latest from Apple headquarters and decipher fact from fiction from the rumor mill.


Bradley lives in Chattanooga, TN.
Tips, feedback, corrections and questions can be sent to Bradley@9to5mac.com.
5G C-band questions asked and answered
Add your COVID-19 vaccine to Apple Health and Wallet
Here’s everything to expect from Apple in 2022
My desktop Mac workspace for 2022

source

Continue Reading

Cryto Mining

94% of Advisors Received Questions About Crypto from Clients in 2021, Bitwise/ETF Trends Survey Finds – Business Wire

Published

on

94% of Advisors Received Questions About Crypto from Clients in 2021, Bitwise/ETF Trends Survey Finds  Business Wire
source

Continue Reading

Cryto Mining

GameStop Jumps After Report on NFT Trading Hub, Crypto Pact – Gadgets 360

Published

on

Short selling against GameStop increased by about 1 million shares to 8.4 million in the past 30 days
GameStop’s stock rallied on Friday after a report that the videogame retailer plans to expand its non-fungible tokens (NFTs) marketplace and partner with crypto firms.
The company’s shares soared last year as it was at the centre of a battle between small investors coordinating on online forums and Wall Street hedge funds that had taken short positions. Since mid-November, its stock has mostly declined.
On Friday, GameStop jumped 7.3 percent to $140.62 (roughly Rs. 10,440) after reports late on Thursday that the company would build an online hub for trading NFTs for virtual game collectibles and establish cryptocurrency partnerships.
A source familiar with the matter told Reuters about GameStop’s plans, which had been reported by the Wall Street Journal.
GameStop declined to comment on the reports.
NFTs, which use blockchain to record the ownership of digital items such as images and videos, surged in popularity in 2021, leaving many confused about why so much money was being spent on copiable digital items that do not physically exist.
Highly volatile crypto assets have tumbled in recent months, with Bitcoin plummeting to a more than three-month low of $42,001.97 (roughly Rs. 31.18 lakh), down about 38 percent from its $69,000 (roughly Rs. 51.21 lakh) all-time high in November. Bitcoin price in India as of January 8 at 11:15am IST was Rs. 33.92 lakh.
Ether, used to buy NFTs, has slumped to $3,219.77 (roughly Rs. 2.39 lakh), levels last seen in early October. Ether price in India as of January 8 at 11:15am IST was Rs. 2.6 lakh.
“Meme stocks are speculative rather than fundamental and, to a degree, cryptos are also little speculative in nature … too much of an exposure to cryptos could have an effect on the balance sheets of these companies,” warned Mirabaud analyst Neil Campling.
Short selling against GameStop increased by about 1 million shares to 8.4 million in the past 30 days, now worth $1.11 billion (roughly Rs. 8,240 crore) and equivalent to 13 percent of GameStop’s free float, according to data from S3 Partners.
Ihor Dusaniwsky, managing director of predictive analytics at S3 Partners, said Friday’s share move was unlikely to be a short-covering rally.
“First we would need to wipe out recent mark-to-market profits on the short side, which means getting back to levels in the $170 – $200 (roughly Rs. 12,600 to 14,800)stock price range,” for a short squeeze to happen, Dusaniwsky said.
© Thomson Reuters 2021
Cryptocurrency is an unregulated digital currency, not a legal tender and subject to market risks. The information provided in the article is not intended to be and does not constitute financial advice, trading advice or any other advice or recommendation of any sort offered or endorsed by NDTV. NDTV shall not be responsible for any loss arising from any investment based on any perceived recommendation, forecast or any other information contained in the article.
Cryptocurrency Prices across Indian exchanges
For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.
Advertisement
03:00
04:15
04:28
04:54
03:08
Advertisement

source

Continue Reading

Trending