Researchers Say New Lightning Network Attack Could Create ‘Chaos’

Published at: June 29, 2020

A study published on June 29 revealed a way to drain Bitcoin (BTC) wallets’ funds on the Lightning Network by exploiting a bottleneck in the system.

In the paper “Flood & Loot: A Systemic Attack On The Lightning Network,” Jona Harris and Aviv Zohar from the Hebrew University in Israel evaluated a systemic attack on the Lightning Network that allows for the theft of BTC funds locked in payment channels.

Flooding the blockchain with simultaneous attacks

The Lightning Network is used to send payments through intermediary nodes, which can be leveraged to steal Bitcoin. This usually must be done quickly, but hackers could extend the effective window of time by flooding the network.

Hackers would only need to attack 85 channels simultaneously in order to steal funds from the network.

Details behind the attack

Researchers provided more details, noting:

“The key idea behind Hash Time Locked Contracts (HTLC) is that after they are established, payments are ‘pulled’ by the target node from the previous node in the path by providing a secret (a preimage of a hash). Our attacker will route a payment between his own two nodes, and pull the payment at the end of the path. He will refuse to cooperate when the payment is eventually pulled from the source node - forcing the victim to do so via a blockchain transaction.”
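The hashlock and timelock mechanics described in the quote, together with the block-space bottleneck, as an added example that is not taken from the paper or this article. It is a simplified model: the per-block claim capacity, block heights and amounts are constructed assumptions, and any claim still unconfirmed when its timelock lapses is counted as exposed.

```python
import hashlib
from dataclasses import dataclass

@dataclass
class HTLC:
    payment_hash: bytes   # SHA-256 of the secret preimage
    amount_sat: int
    expiry_height: int    # block height at which the timelock lapses

    def claimable_with(self, preimage: bytes, height: int) -> bool:
        """Hashlock path: funds are pulled by revealing the preimage in time."""
        return (height < self.expiry_height
                and hashlib.sha256(preimage).digest() == self.payment_hash)

def exposed_after_flood(htlcs, preimage, start_height, claims_per_block):
    """All claims are broadcast at start_height; at most claims_per_block of
    them confirm per block (assumed bottleneck). Returns (confirmed_sat,
    exposed_sat), where exposed claims were unconfirmed at their expiry."""
    pending = sorted(htlcs, key=lambda h: h.expiry_height)
    confirmed = exposed = 0
    height = start_height
    while pending:
        live, lapsed = [], []
        for h in pending:
            (live if h.claimable_with(preimage, height) else lapsed).append(h)
        exposed += sum(h.amount_sat for h in lapsed)
        confirmed += sum(h.amount_sat for h in live[:claims_per_block])
        pending = live[claims_per_block:]
        height += 1
    return confirmed, exposed

def demo(n_channels):
    # Constructed sample values, not figures from the paper.
    preimage = b"constructed-secret"
    payment_hash = hashlib.sha256(preimage).digest()
    htlcs = [HTLC(payment_hash, 10_000, expiry_height=103) for _ in range(n_channels)]
    return exposed_after_flood(htlcs, preimage, start_height=100, claims_per_block=20)

if __name__ == "__main__":
    for n in (50, 100):
        print(n, "channels ->", demo(n))
```

With the same three-block window, 50 simultaneous claims all confirm while 100 leave 40 unconfirmed at expiry, which is why a node's timeout margin has to be sized against how many channels may be forced on-chain at once.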

The paper clarifies that the results of the study were shared with the developers of the three main Lightning implementations prior to publishing the report.

Cointelegraph reported that the Vietnamese online ticketing agency, Future.Travel, now accepts Bitcoin payments via the Lightning Network. Funds are converted into local currency at the time of sale.
