Crippling DDoS Vulnerability Put The Entire Bitcoin Market At Risk
(Sep 20, 2018)
A Distributed Denial-of-Service (DDoS) vulnerability was discovered in Bitcoin Core versions 0.14.0 up to 0.16.2 that could bring down the entire Bitcoin blockchain by flooding full node operators with traffic. The vulnerability originates in the consensus code and gave Bitcoin miners the option of sending transaction data twice, which would cause the Bitcoin network to crash while it attempted to validate the duplicate transaction. However, this type of DDoS attack would require the threat actor to effectively throw away 12.5 BTC ($80,000 USD) to cause any damage to the network, so it is unlikely to be exploited. It nevertheless exemplifies a significant vulnerability in the Bitcoin network. Bitcoin software developers have issued a patch for anyone running nodes.
Recommendation: Since a patch has been released, it is important to apply it immediately and to update the general Bitcoin Core software. While a DDoS attack like this is highly unlikely to occur against Bitcoin, because of the amount of money it would cost to generate a high amount of traffic and because of the high decentralisation of the network, it is still important to recognise the various threats posed to cryptocurrency providers. This also exemplifies the necessity of maintaining blockchain integrity.
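To act on the recommendation, an operator first needs to know which of their own nodes fall inside the affected range. The following is an added example, not part of the original brief or of Bitcoin Core: it classifies nodes by the user-agent string that Bitcoin Core reports in the `subversion` field of `getnetworkinfo` (format `/Satoshi:x.y.z/`). The node names and inventory are constructed sample data, and the function names are hypothetical.

```python
import re

# Affected range as stated in the brief: 0.14.0 up to 0.16.2 (inclusive).
AFFECTED_MIN = (0, 14, 0)
AFFECTED_MAX = (0, 16, 2)

# Bitcoin Core user agent, e.g. "/Satoshi:0.16.2/", "/Satoshi:0.15.0.1/" or
# "/Satoshi:0.16.1(comment)/". Agents from other clients do not match.
_UA = re.compile(r"/Satoshi:(\d+)\.(\d+)\.(\d+)(?:\.(\d+))?[^/]*/")

def parse_core_version(subversion):
    """Return (major, minor, revision), or None if not a Bitcoin Core agent."""
    m = _UA.search(subversion or "")
    if not m:
        return None
    # A fourth (build) component is ignored: the range is given to 3 parts.
    return tuple(int(x) for x in m.group(1, 2, 3))

def classify(subversion):
    """Classify one user-agent string against the affected range."""
    version = parse_core_version(subversion)
    if version is None:
        return "unknown"          # not parseable: needs manual review
    if AFFECTED_MIN <= version <= AFFECTED_MAX:
        return "affected"
    return "outside-range"

def audit(inventory):
    """inventory maps node name -> subversion string; returns name -> status."""
    return {name: classify(ua) for name, ua in inventory.items()}

def nodes_to_patch(inventory):
    """Names of nodes whose reported version is inside the affected range."""
    return sorted(n for n, s in audit(inventory).items() if s == "affected")

# Constructed sample inventory of an operator's own nodes.
SAMPLE_INVENTORY = {
    "node-a": "/Satoshi:0.16.2/",
    "node-b": "/Satoshi:0.15.0.1/",
    "node-c": "/Satoshi:0.13.2/",
    "node-d": "/Satoshi:0.17.0/",
    "node-e": "/Satoshi:0.16.1(archive)/",
    "node-f": "",                      # node did not report an agent
}

if __name__ == "__main__":
    for name, status in sorted(audit(SAMPLE_INVENTORY).items()):
        print(f"{name}: {status}")
```

Nodes reported as `unknown` should be checked by hand rather than assumed safe.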