A failed Sybil Attack has targeted monero and XMR users today, threatening to link IP addresses to user identities but the privacy is safe so far. In our Monero news today, we are reading more about the attack.
The failed Sybil attack could have compromised the privacy of some users but luckily the attack was unsuccessful. The identity of the attacker is not known yet. Monero was targeted by an attempted Sybil attack which failed according to the reports from project developer Riccardo Spagni. As he explained, an unknown attacker ran several nods in an attempt to compromise Monero users’ privacy. The attacker tried to record IP addresses and associate them with the information to compromise the privacy of the users.
Recently, a largely incompetent attacker bumbled their way through a Sybil attack against Monero, trying to correlate transactions to the IP address of the node that broadcast it. Whilst novel in that it is the 1st Sybil attack of this sort, it was also quite ineffective. 1/n
— Riccardo Spagni (@fluffypony) November 10, 2020
The attack exploited Monero-specific bugs that increased the attacker’s chances of ending up in a legitimate node’s list of peers. The attack failed luckily. Spagni described the attacker’s attempts as “largely incompetent” and “clumsy” saying that the attacker didn’t exploit any of Monero’s on-chain privacy features like shielded transactions or ring signatures. Spagni said that these precise lines of attacks were new as similar attacks could be performed against most cryptocurrencies and privacy coins. Spagni recommended that the XMR users broadcast their transactions via Tor of i2P. Monero released a blacklist of addresses that were associated with the attacker which will further reduce risks.
It should be noted that the attack will affect Monero users that are running a full node, not users that have a light wallet. It’s not clear who’s behind the attack. There’s one chance that a surveillance company carried out the attack. With the US government contracting two analysis firms to bypass Monero’s privacy, it is plausible that one of these firms was responsible for the attack. Spagni alleged that firms like Chainalysis used similar methods to monitor other blockchains like Bitcoin but he doesn’t believe that this was the case in this attack.
Spagni continued by saying that Chainalysis “already has a relationship” with exchanges and says it could ask for information that the failed Sybil attack would have provided:
“I don’t think they’d even bother.”
As recently reported in the XMR news, ShapeShift quietly delisted Monero from its trading platform as US government agencies started taking aim at the privacy coin.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]
Discussion about this post