Ethereum recently endured a coordinated attack on its network, which failed as attackers could not exploit a popular client of the blockchain.
Revealed by several experts on Twitter, the perpetrators targeted the Parity nodes of the Ethereum blockchain by exploiting a vulnerability in the network.
2/ The attack exploited a bug in a popular Ethereum node implementation called Parity Ethereum.
Vulnerable nodes were sent data tricking them into thinking a valid block was invalid.
— Liam Aharon (@liamaharon) December 31, 2019
Market Trading Ideas for May 10-14Go to article >>
As explained by Sergio Demian Lerner, the attack was very simple – the attackers sent a block with invalid transactions, but with a valid header (borrowed from another node) to the parity nodes. With this technique, the node will mark the block invalid and blacklist the block header, making the valid node invalid as well.
Because of an attack on such a scale, a large number of Parity nodes lost sync from the Ethereum network.
Despite the grave severity of the attack, the perpetrators could not exploit another popular client called Geth, which dominates Ethereum nodes.
Developers have to address serious issues like this
To fix the vulnerability, the developers released a patch 14 hours after the coordinated attack was conducted.
Many Twitter users pointed out that only around 20 percent of the Ethereum nodes run on Parity nodes. However, if any such attack targets the Geth nodes, it would have the potential to take down the entire Ethereum network, per software developer Liam Aharon.
“I’m worried because this month Parity announced they will be winding down support for Parity Ethereum, and delegating maintenance to a DAO,” Aharon stated. “If this scenario came true, attacks similar to today’s would devastate the network, instead of just being inconvenient.”
Last month, hackers also attempted to target the Vertcoin network by pulling a 51 percent attack; however, due to the strong security measures, the perpetrators ended up paying for the privileges.