Failed Sybil Attack Targeted Monero Users, Privacy Is Safe

Ankr

Jul 10, 2023

Monero was targeted by an attempted Sybil attack that ultimately failed, according to reports from project developer Riccardo Spagni. As explained by Spagni, an unknown attacker ran several nodes in an attempt to compromise Monero users’ privacy. In essence, the attacker tried to record IP addresses and associate them with certain transactions to compromise user privacy. The attack exploited a Monero-specific bug that increased the attacker’s chances of ending up in a legitimate node’s list of peers.

The attack ultimately failed, though: Spagni describes the attacker’s attempts as “largely incompetent” and “clumsy,” adding that the attacker did not exploit any of Monero’s on-chain privacy features, such as shielded transactions or ring signatures. Spagni says that, though the precise line of attack was novel, similar attacks could be performed against most cryptocurrencies and privacy coins.

As such, Spagni recommends that Monero users broadcast their transactions through Tor or i2p. Monero has also released a blacklist of addresses associated with the attacker, which will reduce further risks. It should be noted that the attack only affects Monero users who are running a full node, not users who have a light wallet.

It is not clear who is responsible for the attack. One possibility is that a surveillance company carried out the attack. Given that the U.S. government has contracted two analysis firms to circumvent Monero’s privacy, it is plausible that one of those firms was responsible for the attempted attack. Spagni alleges that firms such as Chainalysis have used similar techniques to monitor other blockchains such as Bitcoin. However, he doesn’t believe that was the case in this attack. Spagni says that Chainalysis “already has a relationship” with exchanges and says it can ask for information that the Sybil attack would have provided. “I don’t think they’d even bother,” he concludes. Ultimately, the identity of the attacker remains a mystery.
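
For full-node operators, the blacklist and the peer-list crowding described above suggest two simple checks. The following is an added example, not code from the article or from the Monero project: it compares a node's peer addresses against a ban list and flags subnets that hold an unusual share of peers. The addresses, ban-list entries, function names and thresholds are all constructed for illustration, and the subnet limit is an assumed heuristic, not Monero's own peer-selection logic.

```python
import ipaddress
from collections import Counter

# Constructed sample data (documentation address ranges), not real indicators.
SAMPLE_BAN_LIST = """\
# one address or CIDR range per line
203.0.113.0/24
198.51.100.7   # single host
"""
SAMPLE_PEERS = [
    "192.0.2.10", "203.0.113.5", "203.0.113.6", "203.0.113.77",
    "198.51.100.7", "198.51.100.8", "2001:db8::1",
]

def load_ban_list(text):
    """Parse ban-list text into networks, skipping blanks and '#' comments."""
    nets = []
    for line in text.splitlines():
        entry = line.split("#", 1)[0].strip()
        if entry:
            nets.append(ipaddress.ip_network(entry, strict=False))
    return nets

def audit_peers(peers, ban_nets, v4_prefix=24, v6_prefix=64, max_per_subnet=2):
    """Return (banned, crowded).

    banned:  peers that fall inside any ban-list entry.
    crowded: subnets holding more than max_per_subnet peers (assumed
             heuristic: many peers from one range suggests one operator).
    """
    banned, per_subnet = [], Counter()
    for peer in peers:
        addr = ipaddress.ip_address(peer)
        if any(addr in net for net in ban_nets):
            banned.append(peer)
        prefix = v4_prefix if addr.version == 4 else v6_prefix
        subnet = ipaddress.ip_network(f"{addr}/{prefix}", strict=False)
        per_subnet[str(subnet)] += 1
    crowded = {net: n for net, n in per_subnet.items() if n > max_per_subnet}
    return banned, crowded

if __name__ == "__main__":
    banned, crowded = audit_peers(SAMPLE_PEERS, load_ban_list(SAMPLE_BAN_LIST))
    print("peers on ban list:", banned)
    print("subnets over limit:", crowded)
```
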