According to reports, late last week a large-scale dusting attack affected almost 300,000 litecoin wallets. By leveraging the divisibility of cryptocurrency, dusting attackers can target certain networks by sending tiny amounts of litecoin, bitcoin and other cryptocurrencies ("dust") to many different wallets. There can be a number of motives for this kind of attack.
Also this week, it was reported that crypto-mining malware was recently found hidden in popular Ruby code libraries. According to reports, half of the malicious libraries were blockchain-related, and they were downloaded hundreds of times.
An academic paper published last week surveyed Ethereum vulnerabilities, attacks and defenses. Aimed at an audience of researchers, practitioners and students, the paper highlights the need for more secure programming languages. The paper also discussed how Ethereum smart contracts introduce new kinds of vulnerabilities that do not have traditional counterparts. The authors systematize 26 attacks according to layers of the Ethereum architecture, as well as 47 proactive and reactive defenses.
For more information, please refer to the following links:
- Malicious cryptojacking code found in 11 Ruby libraries
- LTC Dusting Attack Affected Nearly 300,000 Addresses: Report
- A Survey on Ethereum Systems Security: Vulnerabilities, Attacks and Defenses
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
