Blockchain attack vectors

Blockchain can be attacked in a number of different ways. Many of the most famous attacks focus on issues with either the theoretical blockchain protocol (such as the 51% attack) or smart contracts (such as reentrancy and access control vulnerabilities).

However, even a theoretically secure blockchain protocol can be vulnerable to attack when implemented. Blockchain is typically implemented using traditional computers and networks, and attacks against this infrastructure level can impact the security of the blockchain system itself.

Attacks against blockchain nodes

Like the internet, blockchain is implemented as software running on computers and processing data and communicating based upon predefined protocols. An attacker can exploit a blockchain network’s reliance upon software and computers by:

  • Exploiting software misconfigurations: Blockchain is implemented as software running on blockchain nodes, and this software is often designed to interface with external systems such as wallet software or enterprise resource planning (ERP) systems. If the blockchain software is configured to expose these interfaces but they are not properly protected (i.e., by a firewall), then an attacker may be capable of connecting to a node’s blockchain software and take over their account.
  • Executing Denial-of-Service (DoS) attacks: Blockchain is designed to be resilient against DoS attacks by ensuring that no node in the blockchain network is essential. However, each node in the blockchain network can be individually targeted by DoS attacks that still impact blockchain security. An attacker could perform a traditional network-based DoS or consume the node’s computational or storage resources to degrade its ability to maintain a copy of the distributed ledger or participate in blockchain consensus.
  • Performing transaction-based injection attacks: Injection attacks take advantage of poor input sanitization to exploit vulnerabilities using malformed and malicious input. Blockchain nodes are designed to process large amounts of untrusted data in the form of transactions and blocks. If a blockchain software’s transaction, block or smart contract processing code contains an exploitable vulnerability, a malformed transaction can exploit all of the nodes running that particular version of the blockchain software.
  • Building blockchain-specific malware: Traditional malware can attack blockchain nodes in a number of different ways. Malware can attempt to steal private keys from a node or perform a DoS attack against a node. This endangers the security of the blockchain network by enabling the compromise of blockchain accounts or decreasing the number of honest nodes protecting the organization’s consensus algorithm.

Targeting the blockchain network

In addition to using computers for data storage and processing, blockchain also require a way to communicate with one another. In most cases, blockchain communications are built on top of corporate networks or the public network.

The Internet can be attacked and exploited in a number of different ways. Some of the methods by which the blockchain network can be attacked using its underlying infrastructure include:

  • Eclipse attacks: Blockchain networks are implemented as peer-to-peer networks, where each node is connected to a set of peers and information percolates across the network by having each node broadcast any transactions or blocks that they receive to their immediate peers. Eclipse attacks take advantage of this by isolating a node from the rest of the blockchain network by controlling all of the peers through which it gets information about the state of the network. This type of attack enables an attacker to perform a double-spend attack or co-opt the node’s resources by forcing it to believe and support a fake version of the state of the network.
  • Routing attacks: Routing attacks are similar to eclipse attacks but are designed to break the network into multiple isolated chunks rather than cutting off a single node from the network. This isolation can be accomplished by taking advantage of vulnerabilities in the underlying network architecture, such as Border Gateway Protocol (BGP) hijacking. Like eclipse attacks, routing attacks can be used to perform double-spend attacks or degrade the network’s operations by forcing isolated segments of the network to work on competing versions of the blockchain.
  • Sybil attacks: A Sybil attacker takes advantage of the anonymity of blockchain by registering many malicious accounts on the blockchain. While this does not enable them to hijack consensus (since it does not provide more of the scarce resource used to manage control over the blockchain consensus process), it can be used to facilitate other attacks. For example, a Sybil attack makes an eclipse attack easier to perform because it increases the probability that all of a node’s randomly-selected peers actually belong to an attacker.

Securing blockchain infrastructure

Blockchain technology does not operate in a vacuum. While the blockchain protocol has strong security in theory, it can be attacked in a number of different ways. Targeting vulnerabilities in the nodes and network that implement the distributed ledger enable an attacker to impact the operations and security of the blockchain and distributed ledger.

When designing and implementing blockchain systems, it is essential to consider infrastructural requirements and security. Not only is it essential that a blockchain node or network be capable of receiving, carrying and processing large amounts of data (peer-to-peer networks are very inefficient) but also have built-in protections to minimize their vulnerability to attack.



  1. 51% Attack, Investopedia
  2. What is a double-spend attack?, Coin Rivet
  3. What Is BGP Hijacking?, Cloudflare

Be Safe

Section Guide


View more articles from Howard

As you grow in your cybersecurity career, Infosec Skills is the platform to ensure your skills are scaled to outsmart the latest cyber threats.

Section Guide


View more articles from Howard