Hacks, hacks in English, have always been part of the crypto ecosystem due to well-organized scams, security breaches, or the naivete of some investors.
Whether you’re in a bull market or a bear market, there’s one thing in the world of cryptocurrencies that doesn’t change: hacks. The democratization of the market has made hacks more visible than before due to the increase in the number of people affected.
There are several types of hacks, and without being able to make an exhaustive list, this article will introduce you to the most important ones. All of these hacks have one thing in common: they are caused by human error at some point or another.
#1 Theft of private keys
To understand this hack, one needs to know how a personal wallet or wallet works. The latter, detailed in this article, is protected by a private key. This allows, in particular, to certify the transaction.
If an attacker manages to steal your private key, he can steal all the cryptocurrencies stored in your wallet.
This is the simplest hack and is much more relevant than one might imagine. People may contact you to tell you about some problem and that the only way to solve it is to give your private key to the person you are talking to.
However, no company or person will contact you to ask for your private key! Thus, this is a scam, which unfortunately suffers many people who do not have the necessary knowledge or are simply naive.
#2 Attack 51%
This hack is the most mystical of all because it is feared by the most secure protocol: Bitcoin (BTC). However, rest assured, the chances of doing so are as high as winning the EuroMillions lottery. At least for bitcoins!
A 51% attack means controlling more than half of the nodes in the network and taking into account the validity of transactions. Thus, potentially fraudulent transactions will be considered legitimate and confirmed. In this case, the protocol will be compromised, and this is exactly what happened with the Ronin network recently. The latter, which was only protected by 9 validators, saw a hacker take control of half of them and steal several hundred million dollars.
But can Ronin’s case be easily repeated? For small protocols with so few validators, yes. Not for Bitcoin. Indeed, there are about 15,000 miners or mining pools on the Bitcoin network. The task looks more difficult. First of all, if it happened unexpectedly, the attack and fraudulent transactions would be noticed in a few seconds. Then BTC will lose all trust and all exchange value, not to mention that the corresponding addresses will be blocked!
Thus, for a protocol as secure and transparent as Bitcoin, a 51% attack is a myth. But this is plausible for protocols like Ronin.
#3 Carpet sweaters
Pulling the rug is the most famous type of hack in the crypto world. It means to run away with the box. The bidding initially includes a project that appears to be legitimate, with a listed token, a team, and people willing to purchase the token. Often the team promises big profits in the future.
The token is listed by the team in the decentralized finance protocol and its price is skyrocketing. Therefore, it attracts investors, seeing that the promise seems real. But without warning, the price of the token collapsed in a matter of seconds. So what happened?
The team just “went with the cash.” In fact, the price of the token rose as hackers controlled its issuance and transactions. Therefore, it was enough to buy a lot of tokens or withdraw them from circulation in order to sharply raise the price.
Once the price set by the hackers is reached, they resell all of their tokens. Since they own the majority, the price literally drops, leaving investors with worthless tokens.
This life hack is just a kind of carpet. It is “softer” than other types, which is why it is called a soft rug. Indeed, a hack can only work if there are a large number of investors holding the purchased cryptocurrencies for a certain time.
#4 Damage to the computer protocol code
This is another type of carpet pulling, even more complex. For that, we’re talking about hard pulling the mat because breaking is all about design. Indeed, the protocol’s computer code is corrupted, for example by restricting sell orders to one or more addresses. In other words, other addresses cannot be sold.
Thus, it is enough for several investors to purchase the listed tokens and for pirates to wait until a certain amount of them is mastered in order to exchange all the tokens. Indeed, since they control the sale, the hackers are confident that investors will keep their tokens for as long as they need to.
This is exactly what happened with the Squid Game Token, named after the famous TV series. Initially a project, a beautiful site, supposedly supported by Elon Musk, a seemingly serious team and a rising price … until the price fell by 99% in a few seconds.
A completely successful colossus, because the project seemed legitimate, at least to a beginner. But investors quickly complained about their inability to sell, but to no avail. An inquisitive developer, after analyzing the code, would see the depravity of the latter. But that would be too late.
5. Lack of protocol security
For this, we can say that this was not originally planned! The hack happened because there was a security vulnerability in the protocol’s computer code that a hacker could exploit. The latter uses the ability to repatriate a large number of tokens to one or more addresses.
The hacker then quickly rushes to resell his tokens for a huge profit. If this hack is common, it does not ban the affected protocol. After all, it is possible that the value of the token will not collapse, because the exploited gap is immediately repaired. The code is reviewed, fixed, and (usually) much more secure than it was before the crack.
But you can also abandon the project. This is exactly what happened with the DAO attack on the Ethereum (ETH) blockchain in 2016, the first of the decentralized autonomous organizations. It was a security breach that also led to the collapse of Mt Gox in 2014, a platform that then handled 70% of bitcoin transactions. The hackers hacked into the company’s servers and stole about 750,000 BTC, or almost $500 million at the time. Mt Gox then filed for bankruptcy, causing thousands of investors to lose everything.