Thursday, October 8, 2015

Bitcoin Transactions Were Under Attack for a Week


Transactions were being duplicated in a malleability attack

A Russian man that calls himself "Alister Maclin" has been disrupting the Bitcoin network for over a week, creating duplicate transactions, and annoying users.
The attack was first noticed by Coinkite, a high-tech Bitcoin platform, and was eventually claimed by Maclin on one of the Bitcoin forums.
According to Bitcoin experts, the attack was not dangerous and is the equivalent of "spam" on the Bitcoin blockchain servers, known in the industry as a "malleability attack."

A malleability attack on the Bitcoin network duplicates transactions

What happens is that when User A sends a transaction to User B, an attacker could intercept the Bitcoin payment and alter its ID (from 0001 to 0002).
When the transaction reaches the Bitcoin blockchain, the technology that registers and logs the payment, it is recorded with both IDs, causing a serious delay in showing the payment as confirmed (usually takes 10 minutes).
Only the transaction ID is affected by a malleability attack, the sender, recipient, and the Bitcoin sum being left intact. All transactions are processed by the Bitcoin blockchain, funds are transferred only once, and eventually one of the duplicate transaction IDs gets invalidated, confirming the other transaction.
Affected users usually get annoyed, in the least serious cases, but some will also resend their transaction after not receiving the normal confirmation, spending double the amount what was usually needed.

The attacker was only performing a "stress test"

According to an interview Maclin gave Vice, he said that he was only performing a stress test on the Bitcoin network, by intercepting transactions and rebroadcasting them with a different ID. Maclin said he stopped for the moment, but he plans future tests in the upcoming weeks.
This attack type is well known in Bitcoin circles, and a fix is being developed for it for almost a year. Coinkit describes the attack as "a simple numeric tweak to one number (S) in the ECDSA signature [used to authenticate Bitcoin transactions]. It’s documented as part of BIP62 and is called the 'low S' requirement. Coinkite always uses the lower S value, but these pranksters have been replacing that with the higher S value."

No comments:

Post a Comment