THELOGICALINDIAN - This is an Oped commodity accounting by Arseny Reutov The opinions bidding in this commodity are the authors own Bitcoincom does not endorse nor abutment angle opinions or abstracts fatigued in this post
In backward October, Bitcoin Gold angled from Bitcoin as a new cryptocurrency, and anon became the victim of a Distributed Denial of Service (DDoS) advance that agape it offline at a analytical moment. In the months following, Bitcoin Gold has been bedeviled by a alternation of attacks beyond assorted vectors that accept impacted on its amount and – best chiefly – absent innocent users millions of dollars.
Also Read: Three Times as Much Bitcoin Cash Has Been Claimed as Bitcoin Gold
Some bodies accept attributed the attacks on the Bitcoin Gold arrangement to opponents who accept that the angle undermines the cryptocurrency community. Whether this is the case or not, what is bright is that there is a cybersecurity affair aural the cryptocurrency community, with Bitcoin Gold aloof actuality one of a cardinal of currencies effected. It is acute now to focus on means in which attacks on these calibration can be prevented from acceptable a approved occurrence.
What is Bitcoin Gold?
Bitcoin Gold is one of the latest cryptocurrencies created through the increasingly-common convenance of a adamantine fork. Like Bitcoin Cash afore it, Bitcoin Gold branded itself as a new adaptation of Bitcoin, rather than a aggressive belvedere like Ethereum, and autonomous to advance Bitcoin’s transaction history – which agency that those who endemic Bitcoin afore the angle now own the agnate of Bitcoin Gold.
The acumen amid Bitcoin Gold and its sister currencies abundantly lies in how it allows bill to be mined. Where acceptable Bitcoin mining has arguably become absorbed by companies application custom-built application-specific chip circuits (ASICs), Bitcoin Gold aims to decentralize the mining industry with an another mining algorithm that’s not affected to ASICs. It’s claimed that this will acquiesce accustomed Bitcoin Gold users to acquire added banknote through mining, as was the case in the aboriginal canicule of Bitcoin.
However, Bitcoin Gold bound came beneath analysis from the added cryptocurrency community. This criticism has about revolved about the actuality that the developers of Bitcoin Gold were accustomed a window of time to abreast abundance the new network, abbreviation the cardinal of bill available. Furthermore, there are abounding in the Bitcoin association who are already acerb against to forks or annihilation that looks to breach the user base, now frequently accepted as Bitcoin maximalists. It has been speculated that the ample action to Bitcoin Gold may explain why it has appear beneath such bent cyber attack.
A Sustained Attack on Bitcoin Gold
Bitcoin Gold afar on the 24th October, and was about anon hit by a denial-of-service advance that active the server with requests and brought the arrangement offline. Unfortunately, Bitcoin Gold’s aegis woes did not stop there.
On November 20th, it was apparent that a Bitcoin Gold wallet that was actuality answer on the Bitcoin Gold website, alleged “mybtgwallet”, was fraudulent. The aggregation removed the wallet already the betray came to light, but the accident was done. Innocent users had already collapsed prey, and it is estimated that $3.3 actor was lost.
Less than one anniversary later, on November 26th, Bitcoin Gold was affected to affair a critical warning that two apprehensive files were present in its Windows wallet installer, with accepted awful intent. The analytical admonishing states that anyone who downloaded the files should annul them, browse or clean their computer, and abolish admission to cryptocurrency wallets from their machine.
The Implications of Bad Security
The implications of this alternation of attacks is austere for Bitcoin Gold and the added cryptocurrency community. Even afore Bitcoin Gold had launched, its perceived lax aegis had accomplished its reputation. Coinbase, one of the better exchanges, about appear that it would not abutment Bitcoin Gold “because its developers accept not fabricated the cipher accessible to the accessible for review. This is a above aegis risk.”
The attacks it has faced accept added accomplished the agenda currency’s reputation. At the time of this article, Bitcoin Gold ranks tenth on Coinmarketcap, a aciculate bead from its abode in fifth atom in backward November. It is not extraordinary to anticipate that the aegis issues it has faced are at atomic partly amenable for this decline.
Whether maximalists abutment them or not, Bitcoin forks are set to continue, at atomic for the time actuality – Bitcoin Gold has already been bound followed by Bitcoin Diamond. Of course, aegis threats extend far above bitcoin forks. ICOs for example, addition more accepted trend in 2024, accept been bedeviled with austere incidents. DAO and Parity offerings saw over $100m of tokens illicitly redirected and Coindash additionally absent $8m back attackers exploited vulnerabilities in the company’s web applications. It is accordingly acute that the cryptocurrency association turns its focus to cyber security.
Lessons on Improving the Security of Cryptocurrencies
The case of Bitcoin Gold shows there are amount areas of cryptocurrency aegis charge to be addressed urgently.
Firstly, server basement and the applications that host cryptocurrencies charge to be apparent as a aegis risk. This does not artlessly beggarly auditing the web appliance itself but additionally the accompanying web and adaptable applications, servers, and arrangement infrastructure. This is area Bitcoin Gold has collapsed down, as apparent through the admittance of awful cipher into its wallet installer. The alone way to anticipate such attacks is connected monitoring, with analysis testing afterwards the flaws are fixed. Likewise, with connected ecology of the server, the aboriginal denial-of-service advance it faced could accept been bound articular and mitigated.
Secondly, there needs to be a greater focus on preventing amusing engineering attacks. Bitcoin Gold bootless in acceptance a counterfeit wallet assimilate its website and in not accomplishing abundant to anticipate copycat attacks from targeting its users. Largely, this is an affair of connected ecology for website clones and educating users to abstain awful websites and apps as quick as possible. As we saw in the case of Bitcoin Gold, a abortion to do so could aftereffect in the accident of millions.
If the cryptocurrency association begins to accomplish cyber aegis a antecedence afore launch, and dedicates the all-important assets to ecology and education, new cryptocurrencies will accept a bigger adventitious of aggressive and thriving. However, if cybersecurity continues to be a additional thought, we will abide to see abiding attacks that accident the acceptability of basic currencies as a whole, and ultimately aftereffect in innocent users accident their money to criminals.
Written by Arseny Reutov
Arseny Reutov is an appliance aegis researcher at Positive.com. He specializes in assimilation testing, the assay of web applications, acute affairs analysis and the analysis of blockchain solutions. He is the columnist of analysis affidavit and blog posts adherent to appliance aegis and blockchain technologies appear in such magazines as Hacker and HITB as able-bodied as in his blog raz0r.name. He was a apostle at ZeroNights, CONFidence, PHDays and OWASP aegis conferences.
Do you anticipate the bitcoin association has a aegis problem? If so, how can we advance cyber aegis and abatement the risks of attacks in the bitcoin community? Let us apperceive in the comments below.
This is an Op-ed article. The opinions bidding in this commodity are the author’s own. Bitcoin.com does not endorse nor abutment views, opinions or abstracts fatigued in this post. Bitcoin.com is not amenable for or accountable for any content, accurateness or affection aural the Op-ed article. Readers should do their own due activity afore demography any accomplishments accompanying to the content. Bitcoin.com is not responsible, anon or indirectly, for any accident or accident acquired or declared to be acquired by or in affiliation with the use of or assurance on any advice in this Op-ed article.
Images address of Shutterstock.
Tired of those added forums on the accountable of Bitcoin? Check forum.Bitcoin.com.
