Targeting the Node
Introduction to blockchain nodes
HTTP and other web standards define how computers are supposed to communicate with one another, not the software that is used to implement these communications. Since all web servers and browsers follow the same standards, they are able to communicate effectively despite working from very different codebases.
The same is true of blockchain. The blockchain protocols define how the system should work but need to be implemented as code in order to be usable. This implementation of the blockchain in software introduces attack vectors that do not exist in the theoretical description of the blockchain protocol.
Targeting the node
Blockchain software is like any other piece of software and is vulnerable to many of the same attacks. Four of the major threats to the security of a blockchain node are software misconfigurations, Denial-of-Service attacks, malicious data and malware.
Blockchain is implemented as software on a node, and, in many cases, blockchain software is implemented to have a number of different features. If these features are improperly configured or secured, they can leave the blockchain software vulnerable to attack.
The risks of software misconfigurations were demonstrated by a series of attacks against Ethereum users. Their software could expose a Remote Procedure Call (RPC) interface on port 8545 so that external software could make transactions using the blockchain, but this functionality was disabled by default. Some blockchain users enabled the feature but did not protect it with a firewall. As a result, attackers scanning for hosts with port 8545 open were able to send commands to these vulnerable programs and drain the value that they contained into the attackers’ own accounts.
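A node operator can check for this misconfiguration on their own host by looking at where port 8545 is listening. The audit below is an added example, not code from any blockchain client; it assumes Linux `ss -ltn` output, and the sample lines are constructed.

```python
import ipaddress

RPC_PORT = 8545  # port named in the text above

# Constructed sample of `ss -ltn` output; not captured from a real host.
SAMPLE_SS_OUTPUT = """\
State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port
LISTEN  0       128     127.0.0.1:8545       0.0.0.0:*
LISTEN  0       128     0.0.0.0:30303        0.0.0.0:*
LISTEN  0       128     [::]:8545            [::]:*
LISTEN  0       128     192.0.2.10:8545      0.0.0.0:*
LISTEN  0       128     *:22                 *:*
"""

def split_host_port(local):
    """Split 'host:port' as printed by ss, including '[v6]:port' and '*:port'."""
    host, _, port = local.rpartition(":")
    return host.strip("[]"), int(port)

def is_loopback(host):
    """True only when the listener is bound to a loopback address."""
    if host == "*":              # wildcard: every interface
        return False
    host = host.split("%")[0]    # drop an interface scope such as %eth0
    return ipaddress.ip_address(host).is_loopback

def exposed_rpc_listeners(ss_output, port=RPC_PORT):
    """Return the local addresses where `port` listens beyond loopback."""
    exposed = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue             # header or non-listening socket
        host, listen_port = split_host_port(fields[3])
        if listen_port == port and not is_loopback(host):
            exposed.append(fields[3])
    return exposed

if __name__ == "__main__":
    # Each hit depends entirely on a firewall to keep outside hosts away.
    for addr in exposed_rpc_listeners(SAMPLE_SS_OUTPUT):
        print(f"RPC port listening beyond loopback: {addr}")
```

On a live host, pass the text output of `ss -ltn` to `exposed_rpc_listeners` in place of the sample.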
Blockchain systems are designed to be decentralized. This means that no node is vital, but all of them contribute to the functioning of the network.
Denial-of-Service (DoS) attacks designed to disable blockchain nodes can be performed in a number of different ways. An attacker may perform a traditional DoS attack against a node to make it difficult for it to communicate with its peers. Alternatively, malware could use up processing or storage resources, denying them to the blockchain software.
By making a node less functional or knocking it offline, an attacker makes a blockchain network more vulnerable to attack. If a node controls a significant percentage of the scarce resource used in consensus (computing power, staked cryptocurrency and so on), then impairing this node’s operations can make the blockchain consensus algorithm easier to attack.
Blockchain nodes are designed to process untrusted data. Nodes maintain a copy of the distributed ledger, meaning that they need to process transactions and blocks created by other nodes or users of the blockchain network.
This need to process untrusted data can make nodes vulnerable to injection attacks. A malformed or malicious transaction designed to exploit a vulnerability in the blockchain software can cause a node to crash or potentially grant an attacker access to or control over the node.
The potential impact of this type of attack was demonstrated by a flaw in the EOS blockchain software discovered by Qihoo 360 researchers in the software’s code for processing smart contracts. Exploitation of this vulnerability would enable an attacker to create a reverse shell, providing them with access to any node that ran the malicious transaction. If the transaction were included in a block, that would include every node within the network. Luckily, this flaw was discovered and corrected before the network was launched and posed no threat to users.
Like any software running on a computer, blockchain software is potentially vulnerable to malware. Malware designed to attack blockchain systems can have a variety of different intended impacts:
- Private key theft: Blockchain systems use public key cryptography to digitally sign transactions and blocks. This protects the integrity of the data that they contain and ensures authenticity. Malware that finds and steals the private key associated with a user’s account enables the attacker to perform transactions and sign blocks on the user’s behalf.
- Address substitution: When sending a transaction on the blockchain, a user may need to specify an address to send funds to. Some blockchain-focused malware monitors the user’s clipboard for data that looks like a blockchain address and substitutes in the attacker’s address. If successful, this sends the cryptocurrency to the attacker’s account and blockchain immutability makes it infeasible to reverse the transaction.
- Denial of service: Blockchain nodes need access to memory and processing power to do their jobs. By denying access to these resources, malware can render a blockchain node unusable or less effective.
- Traffic filtering: Blockchain nodes rely upon their communications with other nodes to stay up to date with the current state of the distributed ledger. Blockchain-focused malware can filter the transactions and blocks seen by a particular node. This could enable an attacker to influence a node’s operations to contribute to a blockchain that benefits the attacker or to cause it to waste its resources (and its share of the scarce resource) on a version of the blockchain that will be replaced under the longest chain rule.
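Traffic filtering can be detected by comparing the node's view of recent blocks with views obtained independently of it. The check below is an added example, not part of any blockchain client; it assumes the reference views were collected out of band (for instance from a separate monitoring host), and all names and hash values are constructed placeholders.

```python
from collections import Counter

# Constructed sample data: recent {height: block_hash} views. The hashes are
# shortened placeholders, not real block hashes.
LOCAL_VIEW = {100: "aa", 101: "ab", 102: "x1", 103: "x2"}
REFERENCE_VIEWS = {
    "source-a": {100: "aa", 101: "ab", 102: "ac", 103: "ad", 104: "ae", 105: "af"},
    "source-b": {100: "aa", 101: "ab", 102: "ac", 103: "ad", 104: "ae"},
    "source-c": {100: "aa", 101: "ab", 102: "ac", 103: "ad", 104: "ae", 105: "af"},
}

def check_chain_view(local, references, max_lag=1):
    """Compare a node's recent blocks with independent reference views.

    Reports how far the local tip trails the best reference tip and the
    lowest height at which the local hash differs from the hash reported
    by a strict majority of the references.
    """
    lag = max(max(view) for view in references.values()) - max(local)

    fork_height = None
    for height in sorted(local):
        votes = Counter(v[height] for v in references.values() if height in v)
        if not votes:
            continue  # no reference covers this height
        majority_hash, count = votes.most_common(1)[0]
        if count * 2 > len(references) and local[height] != majority_hash:
            fork_height = height
            break

    return {
        "lag": lag,
        "fork_height": fork_height,
        "suspicious": lag > max_lag or fork_height is not None,
    }

if __name__ == "__main__":
    print(check_chain_view(LOCAL_VIEW, REFERENCE_VIEWS))
```

A one-block divergence at the tip can be an ordinary short-lived fork, so alert on divergence that persists or deepens across repeated checks.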
Securing the blockchain node
As software running on a computer, blockchain software is vulnerable to many traditional cybersecurity threats. Securing blockchain nodes against these attack vectors requires implementing cybersecurity best practices, such as running antivirus, installing updates and checking that software is correctly configured.
Sources
- Hackers Stole Over $20 Million in Ethereum from Insecurely Configured Clients, The Hacker News
- Critical RCE Flaw Discovered in Blockchain-Based EOS Smart Contract System, The Hacker News
- Serious Security: How to cut-and-paste your way to Bitcoin riches, Naked Security by Sophos