Monero’s network, a privacy-focused cryptocurrency, suffers from a large cyberattack (Sybil attack)

Eli Cyber Security
2 min read · Nov 12, 2020

Monero (XMR), a cryptocurrency with a focus on the privacy of its users, has been the victim of a Sybil attack. Riccardo Spagni, the platform’s lead developer, released a statement revealing some details about this disastrous incident.

In Spagni’s words, a “pretty incompetent attacker” deployed a Sybil attack on the platform, which involves seizing a network through an excess of accounts, network nodes, or devices. The developer also mentioned that the hacker tried to associate transactions with the IP address of the network node that approved them, although the attempt was unsuccessful.

Recently, a largely incompetent attacker bumbled their way through a Sybil attack against Monero, trying to correlate transactions to the IP address of the node that broadcast it. Whilst novel in that it is the 1st Sybil attack of this sort, it was also quite ineffective. 1/n

It should be noted that Monero transactions are actively protected by three advanced privacy mechanisms: encryption of public signatures, secret addresses, and confidential transactions.

Spagni added that this kind of attack could be deployed against the networks of other virtual assets, although he also noted that it is entirely possible to prevent or contain such attacks. The famous developer claimed that the most important measure against such an attack is for the network node that approves transactions to use Tor or I2P.

Monero developers seem to be prepared against many other attack variants. In 2017, the developers launched the Dandelion security system, which is capable of containing all kinds of attacks against network transactions.

Without getting technical, Dandelion++ works by randomly “diffusing” transaction broadcasts. This means that for a Sybil attack to link a transaction to a node’s IP address it has to be intercepted at the very first node in the “stem” phase of a Dandelion++ broadcast. 8/n
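As an added illustration (not code from Monero, Spagni, or the original article), the following Monte Carlo simulation models the point made in the thread above: under plain flooding a Sybil adversary sees the origin whenever any one of its peers is a Sybil, while under a stem-phase broadcast only a Sybil at the first hop does, and a Sybil further along blames an honest relay. The Sybil fraction, peer count and per-hop fluff probability are assumed values, and the per-hop coin flip is a simplification of how Dandelion++ ends the stem.

```python
import random

# Assumed model parameters (not from the article): 20% of reachable nodes are
# Sybils, the origin has 8 peers, each honest stem relay fluffs with p = 0.1.

def stem_outcome(rng, sybil_fraction, fluff_prob):
    """Follow one stem path and classify what a Sybil adversary learns."""
    hop = 1
    while True:
        if rng.random() < sybil_fraction:
            # First Sybil on the path blames the peer that handed it the
            # transaction. That peer is the true origin only at hop 1.
            return "linked" if hop == 1 else "misattributed"
        if rng.random() < fluff_prob:
            # Honest relay ends the stem and diffuses ("fluff") the transaction.
            return "unseen"
        hop += 1

def flood_outcome(rng, sybil_fraction, peers):
    """Plain flooding: the origin hands the transaction to every peer itself."""
    exposed = any(rng.random() < sybil_fraction for _ in range(peers))
    return "linked" if exposed else "unseen"

def compare(trials=20000, sybil_fraction=0.2, peers=8, fluff_prob=0.1, seed=2020):
    """Return (flood_rates, stem_rates) as dicts of outcome -> fraction."""
    rng = random.Random(seed)
    stem = {"linked": 0, "misattributed": 0, "unseen": 0}
    flood = {"linked": 0, "unseen": 0}
    for _ in range(trials):
        stem[stem_outcome(rng, sybil_fraction, fluff_prob)] += 1
        flood[flood_outcome(rng, sybil_fraction, peers)] += 1
    return ({k: v / trials for k, v in flood.items()},
            {k: v / trials for k, v in stem.items()})

if __name__ == "__main__":
    flood, stem = compare()
    print("flooding:", flood)
    print("stem    :", stem)
    guesses = stem["linked"] + stem["misattributed"]
    print("share of stem-phase guesses that are correct:",
          round(stem["linked"] / guesses, 2))
```

Under these assumptions the adversary's stem-phase attributions point at an honest relay more often than at the real origin, which is why routing the node's own traffic over Tor or I2P is recommended for the remaining first-hop exposure.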

Spagni eventually mentioned that the hacker would have deployed a Sybil attack capable of covering thousands of network nodes, so he recommended that concerned network members run their network nodes based on the Tor browser.

Transactions on the Monero network are known to offer 100% privacy, especially when combined with the Tor browser. While this is attractive to users, it has become a concern for regulatory authorities. The U.S. Internal Revenue Service (IRS) has even offered rewards to researchers who are able to break Monero’s privacy, although no one has been able to develop a functional method for this task.

Originally published at https://www.securitynewspaper.com on November 12, 2020.
