We focus on permissionless blockchain technology with Proof-of-Work – like membership mechanisms and Nakamoto consensus that do not require any trusted parties or centralized identity management among the participants2: the first announced (“mined”) valid block containing a solution to a computational puzzle is considered correct. Nodes express their acceptance of the block by working on creating the next block in the chain, using the hash of the accepted block as the previous hash, and consider the longest chain to be the correct one. A permissionless system is one in which the participants’ identities are either pseudonymous or even anonymous.3 To ensure the authenticity of the source of the transaction, as well to manage digital assets (e.g., cryptocurrencies) on the blockchain, public key infrastructure is employed. Public key serves as an identifier of the node or a wallet that stores corresponding private key (a long sequence of characters), used for cryptocurrency management, and to digitally sign irreversible transactions. Therefore, keeping the private key safe is a crucial aspect of blockchain technology and often seen as the booty of an attack.

Notable examples of exploiting vulnerabilities of the blockchain technology in the past include the virtual venture capital fund that is governed by the investors of the distributed autonomous organizations, DAO. In June 2016, the attacker managed to retrieve approximately 3.6 million Ether from the DAO fund exploiting a vulnerability of the implementation of a smart contract. One year and a month later, an attacker exploited a vulnerability in the Parity 1.5 client’s multi-sig wallet contract to steal the funds from past token sales from three high-profile multi-signature contracts. Attacks on the exchanges have also caused significant losses: MtGox in 2014 (350 million US), and Coincheck in 20176 (400 million US$). It is noteworthy that in all explained cases not the blockchain itself got hacked but bad 3rd party code got exploited, either through vulnerable smart contracts or central custody of private keys (exchanges).

In 2019, losses from digital currency related crime reached $4.4 billion in the first nine months of the year, which is more than double the $1.7 billion in 2018.<2018>7Compared to the overall cybercrime created profit of $1.5 trillion in 2018, the digital currency related profits are significantly smaller, however growing.15 Two massive thefts were the main contributors to such losses based on the information from CipherTrace: platform supports the world’s most advanced applications for blockchain forensic investigation.8 One of the frauds resulted in a loss of $2.9 billion from an alleged Ponzi scheme, PlusToken. Platform administrators closed down the operation in June of 2019, withdrawing over $3 billion stored in different tokens and leaving the message “sorry we have run”. The funds then were moved from large wallets (~5000+ Bitcoin) to smaller wallets, and eventually into exchanges. The PlusToken was not traded in any of the significant exchanges, despite a 10 million large user base, and had suspicious promises 6% to 18% ROI without providing any clear strategy and without any independent reviews available. PlusToken praised itself as the “new Bitcoin”, while the company never actually developed an own blockchain. While for many blockchain natives it was obvious that the company was a bad actor without any technological benefit, millions of people fell for the multi-level marketing Ponzi scheme wrapped and sold as the next hot crypto currency.

Another notable fraud of this year was the $195 million that became inaccessible to the customers of Canadian crypto exchange QuadrigaCX due to the unexpected death of its co-founder and CEO, Gerald Cotton, who is claimed to have an exclusive access to the private keys allowing him to manage vast reserves of customer cryptocurrency.9

Several attacks on decentralized exchanges also happened in 2019. Cryptopia, the cryptocurrency exchange, was hit by a major hack in mid-January and was suspended. Reports on this case suggest that they had all the private keys from their wallets stored in a single server with no redundancy. If the thieves managed to gain access to this server, they could have downloaded the private keys before wiping them from the server, leaving Cryptopia unable to access their own wallets. Following hacks of Cryptopia, Singapore-based DragonEx, and South Korean crypto exchange Bithumb later this year, and preceding three other attacks on other exchanges, hackers stole $40.7 million from Binance: the world’s largest exchange by volume found a vulnerability in its hot wallet. It was announced that hackers had gained access to user API keys and two-factor authentication codes, allowing them to withdraw bitcoin from one of the exchange’s hot wallets. Withdrawals and deposits were temporally suspended, while trading was not affected, after the system upgrade, the exchange reopened its service13 and reimbursed affected customers for the loss.

Depending on what vulnerability at which level is being exploited, the mechanisms of the aforementioned attacks can be defined as follows:

• “Improper key management.”

If a user loses his private key, he can no longer digitally sign transactions, or manage his tokens. Moreover, an attacker in possession of the private key gains full access to the node and tokens. It is fairly difficult to brute-force the private key from the public one due to the one-way property of a function used to generate public key from the private key. The chance of generating a private key already used on the blockchain is around 1 in 2256. Yet, through the enumeration of select areas in the 256-bit private key space where errors likely result in the use of weak keys, researchers have discovered 49,060 transactions spread over 732 public keys for which the corresponding private keys were found, with a total transfer amount of over 32 Ethereum.14 Even though on the day of discovery, the balance across these keys was 0 Ethereum, such vulnerability could be exploited by the hackers later on, as that balance is volatile.

It is of upmost importance to have an appropriate setup of storing private keys to reduce the risk of leaking. Different key-management approaches exist to ensure the security of the private key: local key storage, password-protected wallet, wallets hosted by a third party, offline (cold) key storage, password driven keys.5

• “Vulnerabilities of smart contracts.”

These attacks refer to the different flows in the implementation of a smart contracts, from bugs in programming languages, to the high-level design of the smart contract(s). (In)4, an interested reader could find a classification and analysis of the vulnerable Ethereum contracts reported in the scientific literature. While frameworks for formal design, implementation, and verification of blockchain languages and virtual machines are still being developed, the correctness of the smart contracts relies on the person that produces the code. Therefore, it is important to have auditory procedures in place to reduce the vulnerabilities and bias in the implementation of the smart-contract logic.

• “51%-attack at the network level.”

As stated (in)1, regarding the "Proof-of-Work" mechanism, adopted by multiple permissionless blockchains: “If a majority of CPU power is controlled by honest nodes, the honest chain will grow the fastest and outpace any competing chains.” - Therefore, 51% of the network being under control of the same user or a mining pool can lead to loss of decentralized trust, double-spending, fee extortion, and even complete denial of service. In May and June 2018, five Blockchain-based cryptocurrencies; namely, Monacoin, Bitcoin Gold, Zencash, Verge, and Litecoin Cash, were targeted by a 51% attack. Attempts to prevent 51%-attacks: delayed block submission penalty approach. Delayed proof of work, among others. A detailed analysis of such approached can be found (in)10.

The novelty of the blockchain technology, its quick race to fame and inherent functionality as store of value, makes it an interesting target for attacks. While cybercrime related to blockchain technology are insignificant in comparison with overall cybercrime, the rate is growing on a rapid pace. The nonstop race between hackers exploiting various attack scenarios and researchers and practitioners in the blockchain space teamed up to provide better defense mechanisms improves and advances the technology. It is important to state that the most important blockchains such as Bitcoin and Ethereum never got hacked itself, but rather the added artefacts like 3rd part smart contracts or the central storing solutions of funds such as exchanges. The current institutionalization in the blockchain space, brings tested solutions like auditing processes of code bases or institutional grade custody solutions for adequate store of value to the space.