The new Erebus attack could compromise the security of the world's most widely used cryptocurrency, Bitcoin. This stealthy partitioning attack has the ability to affect and manipulate the network of nodes that make up Bitcoin.
Recently, Bitcoin Core developers released a new version of the Bitcoin code, version 0.20.0. An update that integrates a new feature called asmap, which has the potential to protect the network against the Erebus attack. An attack that can successfully manipulate the actions of nodes interconnected to the Bitcoin P2P network.
However, it seems that Asmap does not guarantee 100% reliable protection for the network. So let's see: What is Erebus? How can this attack really affect Bitcoin's security? And what else are developers doing to protect the network and users? Will this be the kill switch that governments can use against Bitcoin?
It may interest you: VCrypt Decryptor, Telefónica's tool to detect files affected by VCryptor
What is the Erebus attack?
The Erebus partition attack is an attack that can partition or split the Bitcoin peer-to-peer network, and other cryptocurrencies that use the same codebase, without routing manipulation. That is, it can cause the Bitcoin node network to split, stop working, and all in a stealthy manner. We would not notice the attack until it is too late and the network is already suffering from the damage of Erebus.
In this way, Erebus can allow adversary systems such as governments or large internet service providers, known as ISP (Internet Service Provider) to carry out an attack against the Bitcoin network. With this, they can isolate the public nodes of the Bitcoin network to launch other types of important attacks.
For example, the well-known attackede by 51%. which can allow actors to control and manipulate the Bitcoin network at will and for their benefit. Or the attack known as double-spending, which is intended to allow the attacker to use the same amount of cryptocurrency on more than one occasion.
The worst thing is that the Erebus attack is not new, its designers Muoi Tran, Inho Choi, Gi Jun Moon, Anh V.Vu and Min Suk Kang, they developed it in 2019And it is almost a year later that this error seeks to be corrected.
How is this partition attack achieved?
In order to attack the network, Erebus uses a novel deception system, which makes the adversary system or attacker look like a kind of network of real users (Man-In-the-Middle-Network, or MITM). From where one or more public nodes can be isolated from the interconnected network of nodes in order to slowly and progressively influence their operation and decisions.
Source: Erebus attack perpetrators (National University of Singapore)
Let's remember that Bitcoin works through a network of nodes interconnected with each other. Where all nodes participate, in consensus, in the decisions that are made within the network for the validation of transactions, blocks and more. Therefore, the attacker being able to control and influence several nodes will affect the consensus within the network and therefore, its security. By partitioning the network, the attacker can obtain more than 50% of Bitcoin's hash power and execute the aforementioned attacks (51% attack or double-spending attack).
To run Erebus, the attacker does not need to operate through an automatic botnet that executes the actions. Instead, they can do so through a common computer, from where they will execute the simple actions that a Bitcoin node normally does.
An important aspect to consider is that if the attacker uses a large enough ISP, he can then choose the most accessible and least restricted public nodes on the Bitcoin network. It should also be noted that Tier-1 and Tier-1 networks can choose and target, in most cases, any of the 2 public nodes that the Bitcoin network currently has.
But how can the Erebus attack really affect Bitcoin?
A partition attack like Erebus can have negative consequences for the Bitcoin network. As we already mentioned, Bitcoin relies on consensus for decision-making and for recording transactions within its blockchain. It is a completely decentralized, autonomous and transparent system. Therefore, if its consensus among public nodes is affected, the network will lose all trust and security.
Attackers could execute all kinds of attacks on the network for their own benefit or simply to destabilize Bitcoin.. Through Erebus, data and operations can be altered, users censored, and many other things can be done. Bitcoins could even be stolen or removed from the network. A situation that would obviously affect investors and the entire crypto community. Considering that Bitcoin is the most widely used cryptocurrency worldwide. And that it has a current supply of more than 18,4 million cryptocurrencies. Which at current value would represent around 180 billion dollars.
Furthermore, since the Erebus attack can be executed silently and virtually undetectably, important actors such as governments and central banks could cause significant damage within the network without being discovered.
On the other hand, Bitcoin is not the only cryptocurrency that is at risk of suffering this partition attack. Erebus can be quite effective on any cryptocurrency whose design is based on the Bitcoin code. So, as of today, it is possible that 34 out of every 100 cryptocurrencies that exist on the market could be subject to this dangerous attack.
Asmap, a new update that seeks to guarantee protection and security for Bitcoin nodes
In search of solutions and tools to prevent the execution of Erebus, Bitcoin Core developers published the new update to the Bitcoin system code. An update known as Asmap was designed to prevent and avoid the execution of this attack.
As already explained, Erebus is a virtually undetectable attack that has the ability to isolate public nodes in the networks of several cryptocurrencies, including Bitcoin. Therefore, the implementation of Asmap will efficiently contribute to the safeguarding and protection of this network. Diversifying the connections of public nodes through mapping and tracking ASN IP addresses. In order to then limit the number of connections that can be made from individual ASNs.
The new update integrates a peer window where the mapping of AS connections used to diversify the peer selection of nodes is displayed. An integration that is also used to prevent nodes from connecting to others within the same region or provider. The idea is to allow each AS to connect at most once, to increase network security.
Lastly, this new version of the Bitcoin Core code is compatible with all Windows operating systems, from version 7 to older versions. It is also compatible with Linux and Mac OS 10.12.
Continue reading: Fundeun announces BlockchainFUE, the first cooperative to offer a public blockchain network in Spain
