Decentralized Venture Ecosystem

Blockchain Vulnerabilities, Forensics And Legal Challenges

McCarthy Tetrault | Barry B. Sookman | Nov 19, 2021

Hacks scams fraud in blockchain - Blockchain Vulnerabilities, Forensics And Legal ChallengesIt is often assumed that blockchain based digital currencies and applications are safe and secure. In fact, blockchain ecosystems including cryptocurrencies such as bitcoin and Ether, smart contracts that power a plethora of transactions, and blockchain exchanges have many vulnerabilities.

Like many other financial systems, blockchain based systems are subject to all manner of hacks, frauds scams, and vulnerabilities. They happen at the speed and anonymity of the Internet.

There are, understandably, numerous legal challenges when it comes to obtaining civil remedies for these Internet based crimes. This is as true, and perhaps even more so, for blockchain hacks, scams, and frauds as it is for a whole host of other Internet crimes and wrongs.

Blockchain vulnerabilities, hacks, frauds and scams

There are trillions of dollars invested in blockchain based digital currencies. Bloomberg recently estimated that the cryptocurrency market is now worth more than U.S. $3 trillion. There are well recognized financial risks associated with cryptocurrencies volatility. But, this has not seemed to have dampened the market for these items.

See:  Crypto fraud and breaches on pace to exceed $3 billion in 2021

While losses from hacks and vulnerabilities are hard to estimate, by one account hackers have stolen nearly $2 billion worth of cryptocurrencies in the two year period between 2017-2019. Some hacks are by lone hackers, but many are by sophisticated cybercrime organizations. According to a recent article In the MIT Security review, the hype that these assets are unhackable  are “dead wrong”. According to the article:

In short, while blockchain technology has been long touted for its security, under certain conditions it can  be quite vulnerable. Sometimes shoddy execution can be blamed, or unintentional software bugs. Other times it’s more of a gray area—the complicated result of interactions between the code, the economics of the blockchain, and human greed. That’s been known in theory since the technology’s beginning. Now that so many blockchains are out in the world, we are learning what it actually means—often the hard way. [ii]

As with every other financial system, there are opportunities for fraud. One vector is fraud associated with online marketplaces.

Private key security attacks are also a known means of allowing malicious actors to steal cryptocurrencies. A private key allows individuals to access funds and verify transactions. An attacker who has discovered a vulnerability in an elliptic curve digital signature algorithm, for example, can recover a user’s private key. If a private key is stolen, it is difficult to track any related criminal activity and recover the relevant blockchain asset.[viii]

See:  Decentralized Finance—Risks, Regulation, and the Road Ahead

Hackers have also been known to steal the keys to cryptocurrency wallets.[ix]

Of course marketplaces, like almost every other organization in Canada are subject to data breaches from a myriad of sources.

Despite all the security features blockchain offers, individuals and organizations are still susceptible to phishing attacks.

SIM swap attacks are also not uncommon.

Hackers have also been known to exploit technical weaknesses in blockchain systems.

Hackers can also engage in Routing Attacks. Blockchains rely on real-time, large data transfers. Hackers can intercept real-time large data transfers such as by hijacking IP prefixes or dropping connections momentarily, preventing the system from reaching consensus.

See: 

Crypto scams, DeFi hacks, and rug pulls: Why the crypto industry needs insurtech

CipherTrace August 2021 Crypto Crime Report: Crypto Fraud Dips as DeFi Hacks Grow

Other examples of technical weaknesses were a cryptographic flaw in the cryptocurency Zcash that could have been exploited to make unlimited counterfeit Zcash and in bitcoin’s main client, Bitcoin Core, that had a flaw that could have let attackers mint more bitcoins than the system was supposed to allow. [xviii]

Research shows that there are also many other security vulnerabilities associated with in smart contracts[xxi] Other types of attacks include the “Balance Attack” and “Sybil Attacks”. [xxii]

Continue to the full article --> here

 


NCFA Jan 2018 resize - Blockchain Vulnerabilities, Forensics And Legal Challenges The National Crowdfunding & Fintech Association (NCFA Canada) is a financial innovation ecosystem that provides education, market intelligence, industry stewardship, networking and funding opportunities and services to thousands of community members and works closely with industry, government, partners and affiliates to create a vibrant and innovative fintech and funding industry in Canada. Decentralized and distributed, NCFA is engaged with global stakeholders and helps incubate projects and investment in fintech, alternative finance, crowdfunding, peer-to-peer finance, payments, digital assets and tokens, blockchain, cryptocurrency, regtech, and insurtech sectors. Join Canada's Fintech & Funding Community today FREE! Or become a contributing member and get perks. For more information, please visit: www.ncfacanada.org

Latest news - Blockchain Vulnerabilities, Forensics And Legal ChallengesFF Logo 400 v3 - Blockchain Vulnerabilities, Forensics And Legal Challengescommunity social impact - Blockchain Vulnerabilities, Forensics And Legal Challenges

Support NCFA by Following us on Twitter!






NCFA Sign up for our newsletter - Blockchain Vulnerabilities, Forensics And Legal Challenges



For more information about FFCON21: BREAKING BARRIERS, on-demand videos and ways to participate




 

Leave a Reply

Your email address will not be published. Required fields are marked *