The Coordinated Attack on Ethereum
On December 31, the Ethereum network found itself in the crosshairs of a coordinated attack that sent ripples through the crypto community. Analysts reported a mass outage that left some Parity Ethereum nodes out of sync, prompting swift action from Parity Technology, a major blockchain infrastructure firm. They quickly rolled out network upgrades in a bid to bolster defenses against the assault.
How the Attack Worked
Cryptocurrency security consultant Sergio Demian Lerner revealed that the attack was surprisingly simple. The attacker bombarded a Parity node with blocks that contained invalid transactions but carried valid headers borrowed from other blocks. The node dismissed each invalid block, but it then permanently banned the header, which was still technically valid, so the node would later refuse the genuine block carrying that header. Talk about a sneaky little loophole!
“You send to a Parity node a block with invalid transactions, but valid header… The header is still valid.” – Sergio Demian Lerner
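The ban logic described above can be reproduced in a toy model that puts the flawed behaviour beside a corrected one. This is an added example, not code from Parity or Geth: the Header, Block and Importer names, the SHA-256 stand-in for the transaction root, and the ban_on_body_mismatch switch are all assumptions made for illustration.

```python
import hashlib
from dataclasses import dataclass

def h(*parts: str) -> str:
    return hashlib.sha256("|".join(parts).encode()).hexdigest()

def tx_root(txs) -> str:
    return h(*txs)  # toy stand-in for the real transaction trie root

@dataclass(frozen=True)
class Header:
    parent: str
    number: int
    tx_root: str  # the header's commitment to the block body

    def hash(self) -> str:
        return h(self.parent, str(self.number), self.tx_root)

@dataclass(frozen=True)
class Block:
    header: Header
    txs: tuple

class Importer:
    def __init__(self, ban_on_body_mismatch: bool):
        self.ban_on_body_mismatch = ban_on_body_mismatch  # True = flawed behaviour
        self.bad_headers = set()
        self.chain = []

    def import_block(self, block: Block) -> str:
        hh = block.header.hash()
        if hh in self.bad_headers:
            return "rejected: header banned"
        if tx_root(block.txs) != block.header.tx_root:
            # The body is not the one this header commits to, so the
            # failure says nothing about the header itself.
            if self.ban_on_body_mismatch:
                self.bad_headers.add(hh)
            return "rejected: body does not match header"
        self.chain.append(hh)
        return "imported"

def replay(ban_on_body_mismatch: bool):
    genuine_txs = ("alice->bob:1", "bob->carol:2")  # constructed sample data
    header = Header("genesis", 1, tx_root(genuine_txs))
    node = Importer(ban_on_body_mismatch)
    forged = Block(header, ("garbage",))   # valid header, wrong body
    genuine = Block(header, genuine_txs)   # the real block, arriving later
    return node.import_block(forged), node.import_block(genuine)
```

With the switch on, the genuine block is refused because its header was banned along with the forged body; with it off, the forged block is dropped and the genuine one still imports.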
Geth to the Rescue
Software developer Liam Aharon analyzed the situation and concluded that, although the attack came close to collapsing the entire network, Ethereum was saved by a client named Geth, which was immune to the attack. But here’s the kicker: with Parity contemplating a shift towards a DAO ownership model, Aharon warned that Geth might be the only well-maintained client by 2020. If that came true, future attacks could spell disaster for Ethereum, instead of just being an annoying hiccup.
Parity’s Ongoing Vulnerability Fixes
In the wake of this attack, Parity has been on a mission to patch vulnerabilities that plague the Ethereum network. Earlier this year, Parity’s CEO Jutta Steiner pointed out that a new function known as Create2 could have prevented a previous scandal involving the Parity multisig wallet. This fiasco saw a user inadvertently ‘kill’ the multisig library, setting off a self-destructing chain reaction that nobody saw coming.
In May, reports surfaced that a troubling one-third of Ethereum client software still hadn’t patched critical vulnerabilities, leaving a shocking 15% of all Parity nodes ripe for a 51% attack—yikes!
Other Recent Attacks in the Crypto Space
It isn’t just Ethereum feeling the heat. Just days before the Ethereum chaos, IOTA holders faced a 24-hour transaction halt due to an incident caused by a peculiar transaction pattern that some suspect was another form of attack. The IOTA Foundation clarified that this hiccup wasn’t linked to any software changes but stemmed from a lack of transaction processing logic for these unusual transactions.
Even cryptocurrency juggernaut BitPay hit a snag early this month, facing a temporary outage for Bitcoin payments. It seems like everyone in crypto is either under attack or dodging bullets!