What the $600M cryptocurrency heist means for future of blockchain security – Northeastern University

What the $600M cryptocurrency heist means for future of blockchain security – Northeastern University

Blockchain Crypto Market Technology
May 5, 2022 by Coinvasity
18
Enter your search terms then press the return/enter key to submit your query. / Last month, a cryptocurrency blockchain platform built for a popular “play-to-earn” online video game was hacked. The hackers stole more than $600 million in digital currency from the blockchain, called Ronin (it’s technically a “sidechain,” meaning a blockchain that acts as
wp-header-logo-68.png

Enter your search terms then press the return/enter key to submit your query.

/

Last month, a cryptocurrency blockchain platform built for a popular “play-to-earn” online video game was hacked. The hackers stole more than $600 million in digital currency from the blockchain, called Ronin (it’s technically a “sidechain,” meaning a blockchain that acts as a bridge to other blockchains), in what has been described as the second-largest cryptocurrency heist to date.
As more industries make use of so-called blockchains, which are really just digital ledgers for storing data, the high-profile theft has raised new concerns about just how effective existing blockchain safeguards and protocols are at protecting the digital wallets of millions of traders.
Right now, it’s the wild west,” Alan Mislove, professor of computer science at Northeastern, says of the blockchain-based crypto trade.
Alan Mislove, professor of computer science at Northeastern. Photo by Matthew Modoono/Northeastern University
Not all blockchains are used for the purpose of trading cryptocurrencies. But because they effectively decentralize trading—or remove the intermediary—blockchain technology has been pitched as a way to move beyond traditional banking toward a more democratized system founded on the principles of inclusion, transparency, and security. Whereas traditional ledgers in banks require special permission or access to be audited, blockchains can be permissionless and wholly transparent (or public). Transactions are verified by participants in the blockchain, instead of a central authority, who are in turn rewarded in the currency.
How secure is this process? It depends. Blockchain companies often rely on a public-private key pair encryption, Mislove says. Blockchain users have a public key and private key that they use to perform certain tasks. Only the owner knows what the private key is, but everyone else knows the public key. 
“The challenge becomes keeping those private keys private,” Mislove says. “As they are obtained by an attacker, there’s nothing stopping a hacker from stealing those funds.” 
Some blockchain users store their private key on a physical device to keep it safe. Others use cryptocurrency exchanges, such as Coinbase, that secure the private keys on users’ behalf.
But Coinbase, the industry’s largest exchange, has seen an uptick in hacking of accounts. Once criminals gain access, they can drain a users’ account of its cryptocurrency in a matter of minutes, according to CNBC.
Ravi Sarathy, professor of international business and strategy at Northeastern. Photo by Alyssa Stone/Northeastern University
“Typically how it happens is somebody would break into a crypto exchange,” Mislove says. “But another common way is that the hacker would attempt to phish users to trick them into giving them their private keys.”
In the case of the Ronin blockchain theft, hackers were able to get access to so-called “validator nodes,” which are computers tasked with authorizing blockchain transactions. By hacking these computers, the attacker was able to approve fake withdrawals from accounts valued at more than $600 million. 
Mislove says he doesn’t know the details of the Ronin hack, but speculates it could have happened by means of traditional hacking. 
Oftentimes the way they break into those servers is through phishing, malware, etc.,” he says. “In other words, social engineering.”
But other cryptocurrencies, such as Bitcoin (also the industry’s first), are proving to be unhackable, says Ravi Sarathy, professor of international business and strategy at Northeastern.
“Bitcoin, one of the very first blockchains to enter public usage, has never been hacked,” Sarathy says. 
Sarathy says he thinks the Ronin hack, while an unfortunate event, can help companies fortify their servers and rethink how transactions get approved. 
“I think it just means that people are going to have to be more careful about how they set up validation, particularly on permission blockchains,” Sarathy says. 
Sarathy says he’s a “blockchain optimist.”
“I think blockchains’ value is broader than cryptocurrency when you think about things like decentralized voting and financial inclusion, for example,” Sarathy says. “The applications are virtually endless.”
For media inquiries, please contact media@northeastern.edu.
Did you like this story?
Share

Communities and nations that are welcoming to immigrants are more likely to realize the benefits of immigration, says Luis Dau, a Northeastern professor of international business and strategy. History, he believes, is on his side. But a new Northeastern-Gallup poll shows a deep ideological divide among respondents in the U.S., U.K., and Canada on whether immigration causes job losses.
Julia McCarthy, who co-founded Disrupt – The FinTech Initiative, is hoping that the group will serve as a collaborative space for students to investigate and pursue startup ideas in the emerging field of financial technology.
New York City officials recently set aside $250,000 to help women who travel from other states obtain abortions in the…
As artificial intelligence and automation become more sophisticated and more ubiquitous, people are becoming more and more concerned that they…
This month, New York City officials took dramatic steps to help ease the financial plight of taxi drivers who are…
On June 4, 1919, the United States Senate passed and sent onto the states for ratification a law to grant…
Some colonies are named after the place their homesick settlers came from. Other names, like Georgia or Jamestown, were a…
© 2022 Northeastern University
This website uses cookies and similar technologies to understand your use of our website and give you a better experience. By continuing to use the site or closing this banner without changing your cookie settings, you agree to our use of cookies and other technologies. To find out more about our use of cookies and how to change your settings, please go to our Privacy Statement.

source

Add a comment