With all the media coverage surrounding double spend attacks in recent weeks, it appears that one such exploit — a 51 percent attack on litecoin cash (LCC) — managed to slip through the cracks.
The alleged incident appears to have occurred on May 30, when Russia-based cryptocurrency exchange YoBit tweeted that it had identified a 51 percent attack on the coin, which forked away from litecoin (LTC) in February but has struggled to gain traction in the months since.
Litecoin cash developers appeared to allude to the attack in an announcement published the following day, adding that they are discussing a range of strategies to prevent similar incidents:
“We are currently investigating consensus-based strategies for increased protection against hashrate-driven / difficulty manipulation attacks. Some options may include PoS ideas. Our 0.16 codebase is otherwise ready to go, so along with increased network protection will come great features such as native bech32.”
LCC’s developers further said that while a long-term fix will likely require a hard fork, users should wait at least 100 blocks before feeling confident that a transaction has been confirmed and cannot be reversed by a malicious miner.
“As our network protection features will likely mean a hard fork, we will continue to communicate throughout development to ensure that all core nodes, pools, exchanges and the entire community is ready to update when the time comes. In the meantime, we urge everyone to wait 100+ blocks before treating transactions as confirmed.”
In a 51 percent attack, a malicious miner acquires a majority of a network’s hashrate and uses it to force other nodes to accept fraudulent blocks. Specifically, the attacker can reverse transactions that they made in previous blocks by reorganizing the blockchain, though they can only manipulate transactions made by addresses to which they control the private keys.
Typically, 51 percent attacks are monetized by depositing funds at cryptocurrency exchanges, laundering them, and then withdrawing them into an attacker-controlled wallet. The attacker then uses their majority hashpower to reorganize a series of recent blocks, including the one that contained the initial exchange deposit. They replace this transaction with one transferring the same coins to an address in their control, effectively causing them to vanish from the exchange’s wallet.
This is known as a double spend attack, and it was presumably how the LCC attacker sought to profit from the 51 percent exploit. However, CCN has not yet reviewed hard evidence demonstrating that the attacker successfully executed a double spend.
This is possible because the cost of deploying these attacks is often shockingly low for small Proof-of-Work (PoW) coins and exacerbated by the fact that cloud mining providers allow users to rent hashpower for a limited period of time — as short as one hour — reducing the financial risk associated with attempting such an attack compared to that of a large-cap cryptocurrency like bitcoin, which — given the relative dearth of available cloud mining hashpower — would require an attacker to make a significant up-front investment in mining hardware.
The good news for ordinary users is that you can only lose funds in a double spend attack if the attacker makes a payment to you directly and that payment is later reversed in a chain reorganization. However, these attacks damage the coin’s reputation and raise questions about its blockchain’s security, immutability, and long-term viability.
Images from Shutterstock