Malicious attack nearly brings down Ethereum’s network
- The attack reportedly exploited a software glitch in Parity (a widely-used Ethereum client).
- The attack wasn’t able to bring the network down due to another ETH client, Geth, which is immune to this attack.
The Ethereum (ETH) blockchain has encountered and survived what appears to be an intentional attack on December 31. The attack reportedly came very close to shutting the entire network down. Australia-based blockchain developer, Liam Aharon, stated that the attack took advantage of a software glitch in Parity - a widely used Ethereum client.
Sergio Demian Lerner, a crypto security consultant, said:
The attack is simple: you send to a Parity node a block with invalid transactions, but valid header (borrowed from another block). The node will mark the block header as invalid and ban this block header forever but the header is still valid.
George Pîrlea, a distributed systems expert, stated:
The attack consists of sending a block along with a header that doesn’t match the block. Parity verified the block, noticed it did not match the header, and then marked the *header* as bad. This means the real/correct body would never be downloaded.
Aharon explained that the attack exploited a bug in Parity by “tricking” the vulnerable nodes. He said that a prominent number of Parity Ethereum nodes became unsynced with the Ethereum network. He revealed that there are still many Ethereum nodes that haven’t been updated though a software patch was released 14 hours after the attack. Aharon mentioned that the attack could not bring the network down because there’s another popular ETH client, called Geth, which is reportedly immune to this particular attack.
Author
Rajarshi Mitra
Independent Analyst
Rajarshi entered the blockchain space in 2016. He is a blockchain researcher who has worked for Blockgeeks and has done research work for several ICOs. He gets regularly invited to give talks on the blockchain technology and cryptocurrencies.
