On Jan. 22, FireEye participated in a panel focused on
cryptocurrencies and blockchain technology during the World Economic
Forum. The panel addressed issues raised in a report
developed by FireEye, together with our partner Marsh & McLennan
(a global professional services firm) and Circle (a global crypto
finance company). The report touched on some of the security
considerations around crypto-assets – today and in the future, and in
this blog post, we delve deeper into the security paradigms
surrounding cryptocurrencies and blockchain networks.
First, some background that will provide context for this discussion.
Cryptocurrencies – A Primer
By its simplest definition, cryptocurrency is digital money that
operates on its own decentralized transaction network. When defined
holistically, many argue that cryptocurrencies and their distributed
ledger (blockchain) technology is powerful enough to radically change
the basic economic pillars of society and fundamentally alter the way
our systems of trust, governance, trade, ownership, and business
function. However, the technology is new, subject to change, and
certain headwinds related to scalability and security still need to be
navigated. It is safe to assume that the ecosystem we have today will
evolve. Since the final ecosystem is yet to be determined, as new
technology develops and grows in user adoption, the associated risk
areas will continually shift – creating new cyber security paradigms
for all network users to consider, whether you are an individual user
of cryptocurrency, a miner, a service-provider (e.g., exchange,
trading platform, or key custodian), a regulator, or a nation-state
with vested political interest.
Malicious actors employ a wide variety of tactics to steal
cryptocurrencies. These efforts can target users and their wallets,
exchanges and/or key custodial services, and underlying networks or
protocols supporting cryptocurrencies. FireEye has observed successful
attacks that steal from users and cryptocurrency exchanges over the
past several years. And while less frequent, attacks targeting
cryptocurrency networks and protocols have also been observed. We
believe cryptocurrency exchanges and/or key custodial services are,
and will continue to be, attractive targets for malicious operations
due to the potentially large profits, their often-lax physical and
network security, and the lack of regulation and oversight.
This blog post will highlight some of the various risk areas to
consider when developing and adopting cryptocurrency and blockchain technology.
Wallet & Key Management
Public and Private Keys
There are two types of keys associated with each wallet: a public
key and a private key. Each of these keys provides a different
function, and it is the security of the private key that is paramount
to securing cryptocurrency funds.
The private key is a randomly generated number used to sign
transactions and spend funds within a specific wallet, and
the public key (which is derived from the private key) is used to
generate a wallet address to which they can receive funds.
Figure 1: Private key, public key, and
address generation flow
The private key must be kept secret at all times and, unfortunately,
revealing it to third-parties (or allowing third-parties to manage and
store private keys) increases convenience at the expense of security.
In fact, some of the most high-profile exchange breaches have occurred
in large part due to a lack of operational controls relating to the
storage of private keys. Maintaining the confidentiality, integrity,
and availability of private keys requires fairly robust controls.
However, from an individual user perspective, a large number of
user-controlled software wallet solutions store the private and public
keys in a wallet file on the user’s hard drive that is located in a
well-known directory, making it an ideal target for actors that aim to
steal private keys. Easily available tools such as commercial
keyloggers and remote access tools (RATs) can be used to steal funds
by stealing (or making copies of) a user’s wallet file. FireEye has
observed myriad malware families, traditionally aimed at stealing
banking credentials, incorporate the ability to target cryptocurrency
wallets and online services. FireEye Intelligence subscribers may be
familiar with this already, as we’ve published about these malware
families use in targeting cryptocurrency assets on our FireEye
Intelligence Portal. The following are some of the more prominent
crimeware families we have observed include such functionality:
- Neptune EK
- BlackRuby Ransomware
- ImminentMonitor RAT
By definition, cryptocurrency wallets are used to store a user’s
keys, which can be used to unlock access to the funds residing in the
associated blockchain entry (address). Several types of wallets exist,
each with their own level of security (pros) and associated risks
(cons). Generally, wallets fall into two categories: hot (online) and
A wallet stored on a general computing device connected to the
internet is often referred to as a “hot” wallet. This type of storage
presents the largest attack surface and is, consequently, the riskiest
way to store private keys. Types of hot wallets typically include
user-controlled and locally stored wallets (also referred to as
desktop wallets), mobile wallets, and web wallets. If remote access on
any hot wallet device occurs, the risk of theft greatly increases. As
stated, many of these solutions store private keys in a well-known
and/or unencrypted location, which can make for an attractive target
for bad actors. While many of these wallet types offer the user high
levels of convenience, security is often the trade-off.
- Bitcoin Core
- BTC Wallet
Table 1: Types of hot wallets
If considering the use of hot wallet solutions, FireEye recommends
some of the following ways to help mitigate risk:
- Use two-factor
authentication when available (as well as fingerprint authentication
- Use trong passwords.
that your private keys are stored encrypted (if possible).
- Consider using an alternative or secondary device to access
funds (like a secondary mobile device or computer not generally used
every day) and kept offline when not in use.
Offline, also called cold wallets, are those that generate and store
private keys offline on an air-gapped computer without network
interfaces or connections to the outside internet. Cold wallets work
by taking the unsigned transactions that occur online, transferring
those transactions offline to be verified and signed, and then pushing
the transactions back online to be broadcasted onto the Bitcoin
network. Managing private keys in this way is considered to be more
secure against threats such as hackers and malware. These types of
offline vaults used for storing private keys is becoming the industry
security standard for key custodians such as Coinbase, Bittrex, and
other centralized cryptocurrency companies. Even recently, Fidelity
a statement regarding their intentions to play an integral part
of the Bitcoin’s custodial infrastructure landscape.
“Fidelity Digital Assets will provide a secure, compliant, and
institutional-grade omnibus storage solution for bitcoin, ether and
other digital assets. This consists of vaulted cold storage,
multi-level physical and cyber controls – security protocols that
have been created leveraging Fidelity’s time-tested security
principles and best practices combined with internal and external
digital asset experts.”
While more security-conscious exchanges employ this type of key
storage for their users, cold wallets are still susceptible to exploitation:
- In November 2017, ZDnet
published an article describing four methods hackers use to
steal data from air-gapped computers through what they call “covert
channels.” These channels can be broken down into four groups:
- In addition to those four types
of attacks, WikiLeaks revealed, as part of its ongoing Vault 7 leak,
a tool suite (dubbed Brutal Kangaroo, formerly EZCheese) allegedly
by the CIA for targeting air-gapped networks.
February 2018, security researchers with the Cybersecurity Research
Center at Israel’s Ben-Gurion University made use of a proof-of-concept
(PoC) malware that allowed for the exfiltration of data from
computers placed inside a Faraday cage (an enclosure used to block
electromagnetic fields). According to their research, attackers can
exfiltrate data from any infected computer, regardless if air-gapped
or inside a Faraday cage. The same group of researchers also
revealed additional ways to exploit air-gapped computers:
attack that steals sensitive information from air-gapped
computers with the help of infrared-equipped CCTV cameras that
are used for night vision
attack that can be used steal data from air-gapped computers
using radio frequency transmissions from USB connectors
attack that can steal data using sound signals emitted from
the hard disk drive (HDD) of the targeted air-gapped
that relies on heat exchange between two computer systems to
stealthily siphon passwords or security keys
that turns a computer’s video card into an FM transmitter to
technique that uses noise emitted by a computer fan to transmit
attack that relies on cellular frequencies
malware that leverages power lines to exfiltrate data from
Hardware wallets are typically a small peripheral device (such as
USB drives) used to generate and store keys, as well as verify and
sign transactions. The device signs the transactions internally and
only transmits the signed transactions to the network when connected
to a networked computer. It is this separation of the private keys
from the vulnerable online environment that allows a user to transact
on the blockchain with reduced risk.
However, hardware wallets are susceptible to exploitation as well,
such as man-in-the-middle (MitM) supply chain attacks, wherein a
compromised device is purchased. Such an event obstenibly occurred
in early 2018, when an individual purchased a compromised Nano
Ledger off of eBay, and consequently lost $34,000 USD worth of
cryptocurrency stored on the device as the attacker created their own
recovery seed to later retrieve the funds stored on the device. In
order to trick the victim, the attacker included a fake recovery seed
form inside the compromised device packaging (as seen in Figure 2).
Figure 2: Fraudulent recovery seed
document for Ledger Nano (image source: Reddit)
To help mitigate the risk of such an attack, FireEye recommends only
purchasing a hardware wallet from the manufacturer directly or through
In addition to supply-chain attacks, security researchers with
Wallet.fail have recently
disclosed two vulnerabilities in the Ledger Nano S device. One of
these vulnerabilities allows an attacker to execute arbitrary code
from the boot menu, and the other allows physical manipulation without
the user knowing due to a lack of tamper evidence. In both cases,
physical access to the device is required, and thus deemed less likely
to occur if proper physical security of the device is maintained and
unauthorized third-party purchasing is avoided.
Typically, wallet software solutions hide the process of generating,
using, and storing private keys from the user. However, a paper wallet
involves using an open-source wallet generator like BitAddress[.]org
and WalletGenerator[.]net to generate the user’s public and private
keys. Those keys are then printed to a piece of paper. While many view
this form of key management as more secure because the keys do not
reside on a digital device, there are still risks.
Because the private key is printed on paper, theft, loss, and
physical damage present the highest risk to the user. Paper wallets
are one of the only forms of key management that outwardly display the
private key in such a way and should be used with extreme caution. It
is also known that many printers keep a cache of printed content, so
the possibility of extracting printed keys from exploited printers
should also be considered.
Exchanges & Key Custodians
According to recent Cambridge
University research, in 2013 there were approximately 300,000 to
1.3 million users of cryptocurrency. By 2017 there were between 2.9
million and 5.8 million users. To facilitate this expedited user
growth, a multitude of companies have materialized that offer services
enabling user interaction with the various cryptocurrency networks. A
majority of these businesses function as an exchange and/or key
custodians. Consequently, this can make the organization an ideal
candidate for intrusion activity, whether it be spear phishing,
distributed denial of service (DDoS) attacks, ransomware, or extortion
threats (from both internal and external sources).
Many cryptocurrency exchanges and services around the world have
reportedly suffered breaches and thefts in recent years that resulted
in substantial financial losses and, in many cases, closures (Figure
3). One 2013 study found that out of 40 bitcoin exchanges analyzed,
over 22 percent had experienced security breaches, forcing 56 percent
of affected exchanges to go out of business.
Figure 3: Timeline of publicly reported
cryptocurrency service compromises
Some of the more notable cryptocurrency exchange attacks that have
been observed are as follows:
admitted that unidentified actors compromised a wallet
that was used to upgrade smart contracts. The actors
purportedly withdrew 24,984 ETH tokens ($12.5 million USD) and
229,356,645 NPXS (Pundi X) tokens (approximately $1 million
USD). The hackers also stole 3,200,000 of Bancor’s own BNT
tokens (approximately $10 million USD). Bancor did not comment
on the details of the compromise or security measures it
planned to introduce.
stole cryptocurrencies worth $30 million USD from South
Korea’s largest cryptocurrency exchange, Bithumb. According to
Cointelegraph Japan, the attackers hijacked Bithumb’s hot
admitted there was a “cyber intrusion” in its
system and an estimated 40 billion won ($37.2 million USD)
worth of coins were stolen. Police are investigating the
breach, but no further details were released.
claimed $195 million USD worth of customers’
cryptocurrency in Nano (XRB) was stolen.
Unidentified attackers stole 523 million NEM
coins (approximately $534 million USD) from the exchange’s hot
stated that NEM coins were kept on a single-signature hot
wallet rather than a more secure multi-signature wallet and
confirmed that stolen coins belonged to Coincheck
stole $7.4 million USD from users attempting to invest
during a Coindash (app platform) ICO. Coindash, which offers a
trading platform for ether, launched its ICO by posting an
Ethereum address to which potential investors could send
funds. However, malicious actors compromised the website and
replaced the legitimate address with their own ether wallet
address. Coindash realized the manipulation and warned users
only three minutes after the ICO began, but multiple
individuals had already sent funds to the wrong wallet. This
incident was the first known compromise of an ICO, which
indicates the persistent creativity of malicious actors in
large exchange for ether and bitcoin, admitted
that malicious actors stole a user database from a
computer of an employee that allegedly includes the names,
email addresses, and phone numbers of more than 31,800
customers. Bithumb stated that its internal network was not
compromised. Bithumb suggested that actors behind this
compromise used the stolen data to conduct phishing operations
against the exchange’s users in an attempt to steal currency
from its wallets, allegedly stealing cryptocurrency worth more
than $1 million USD.
compromised four hot wallets belonging to a South Korean
Bitcoin exchange, Yapizon, and stole more than 3,816 bitcoins
(approximately $5 million USD). The identity of the
responsible actor(s) and the method used to access the wallets
remain unknown. However, Yapizon stated that there was no
insider involvement in this incident.
actor(s) stole almost 120,000
bitcoins ($72 million USD at the time), from clients’
accounts at Bitfinex, an exchange platform in Hong Kong. How
the breach occurred remains unknown, but the exchange made
some changes to its systems after regulatory scrutiny.
speculate that complying with the regulators’
recommendations made Bitfinex vulnerable to theft.
Kong-based Gatecoin announced
that as much as $2 million USD in ether and bitcoin were lost
following an attack that occurred over multiple days. The
company claimed that a malicious actor altered its system so
ether deposit transfers went directly to the attacker’s wallet
during the breach.
exchange KipCoin announced
that an attacker gained access to its server in 2014 and
downloaded the wallet.dat file. The malicious actor stole more
than 3,000 bitcoins months later.
via its website that it lost 7,170 bitcoins, ($1.75 million
USD at the time). The company claimed that the bitcoins were
stolen from its cold wallet.
that multiple operational wallets were compromised, which
resulted in the loss of 19,000 bitcoins. The company received
multiple phishing attempts in the months prior to the theft.
One employee allegedly downloaded a malicious file that gave
the attacker access to servers that contained the wallet.dat
file and passphrase for the company’s hot wallet.
exchange BTER claimed
that an attacker stole 50 million NXT, ($1.65 million USD at
the time). The company claims the theft was possible following
an attack on one of its hosting servers. The company reportedly
negotiated the return of 85 percent of the stolen funds from
that an attacker accessed 8 million VeriCoins ($1.8 million
USD) in the company’s hot wallet. The attackers exploited a
vulnerability in its withdrawal system that allowed them to
bypass security controls to withdraw the funds.
Mt. Gox, one of the largest
cryptocurrency exchanges, filed for bankruptcy following a
theft of 850,000 bitcoins (approximately $450 million USD at
the time) and more than $24 million USD from its bank
accounts. A bug in the exchange’s system that went
unidentified for years allegedly enabled this compromise.
Additionally, some speculated that an insider could have
conducted the theft. Notably, recent reports
revolving around the arrest of the founder of BTC-e (Alexander
Vinnik) suggest he was responsible for the attack on Mt.
Table 2: Sample of observed exchange breaches
As little oversight is established for cryptocurrency exchanges and
no widely accepted security standards exist for them, such incidents
will likely persist. Notably, while these incidents may involve
outsiders compromising exchanges’ and services’ systems, many of the
high-profile compromises have also sparked speculations that insiders
have been involved.
While there has yet to be an in-the-wild attack that has caused
significant harm to the Bitcoin network itself, remember the Bitcoin
software is just that: software. Developers have identified 30
common vulnerabilities and exposures (CVEs) since at least 2010,
many of which could have caused denial of service attacks on the
network, exposure of user information, degradation of transaction
integrity, or theft of funds.
The most recent software bug was a transaction
validation bug that affected the consensus rules; essentially
allowing miners to create transactions that weren’t properly validated
and contained an extra input – which could have ultimately been
exploited to create an amount of bitcoin from nothing. This
vulnerability went unnoticed for two years, and fortunately was
Running any peer-to-peer (P2P) or decentralized and distributed
software is risky because each individual user has the responsibility
to upgrade software when bugs are found. The more people who fail to
update their software in a timely manner, the greater the chance of
those nodes being exploited or used to attack the network.
Scaling & Attack Surface
At the time of this post, scaling blockchain networks to the size
required to support a truly global payment system still presents a
problem for the new technology and is an area of contention among
developers and industry players. To address this, many developers are
working on various scaling solutions. The following are some of the
proposed solutions and the risks associated with each:
One proposed suggestion is to increase the block size, which
consequently shifts the cost of scaling to miners and those who
operate nodes. Some argue that this could introduce the risk of
centralization, because the only larger organizations that can meet
the bandwidth and storage demands of ever-increasing block sizes can
support this type of solution.
Some of the more popular blockchain scaling solutions for
crypto-assets often depend on layering networks and system
architectures on top of the base protocol – also referred to as “layer
two” (L2) scaling. This allows users to conduct transactions
“off-chain” and only occasionally synchronize them with the Bitcoin
blockchain. Many argue that this is similar to how legal contracts are
enforced; you don’t need to go to court each time a legal contract is
written, agreed upon, and executed. And this is something that already
occurs frequently in Bitcoin, as the vast majority of transactions
happen offline and off-chain within large exchanges’ and merchant
providers’ cold storage solutions.
However, two choices for off-chain scaling exist:
Off-chain Private Databases
This solution involves pushing transactions off-chain to a privately
managed database where transaction can be settled and then
occasionally synced with the Bitcoin blockchain. However, in creating
this second layer of private “off-chain” transaction processing, an
element of trust is introduced to the system, which unfortunately
introduces risk. When transactions occur “off-chain” in a centralized
private database, there is risk of improperly secured centralized
ledgers that can be falsified or targeted for attack.
Off-chain Trustless Payment Channels
Another L2 solution would be to push transactions off-chain – not
onto a private database, but to a trustless decentralized routing
network. There are two primary L2 solutions being developed: The
Liquid Network (for Bitcoin) and Raiden (for Ethereum).
However, a critique of this type of scaling solution is that the
accounts used on this layer are considered hot wallets, which presents
the largest attack surface. This makes it the riskiest way to store
funds while also creating a valuable target for hackers. If an
attacker is able to identify and access a user’s L2 node and
associated wallet, they could transmit all funds out of the user’s wallet.
Lightning and Raiden as scaling solutions are still relatively new
and experimental, so it’s unknown whether the they will be globally
accepted as the preferred industry scaling solution. Additionally,
because this layered development is still new and not widely
implemented, at the time of this post there has not yet been an
instance or proof of concept attack against L2 networks.
Network & Protocol Attacks
Actors may also attempt to directly exploit a cryptocurrency P2P
network or cryptographic protocol to either steal cryptocurrency or
disrupt a cryptocurrency network. Albeit rare, successful attacks of
this nature have been observed. Examples of attack vectors that fall
into this category include the following:
The 51% attack refers to the concept that if a single malicious
actor or cohesive group of miners controlled more than 50 percent of
the computing capability validating a cryptocurrency’s transactions,
they could reverse their own transactions or prevent transactions from
being validated. While previously considered theoretical, 51% attacks
have been recently observed:
- In early April 2018, the
cryptocurrency Verge reportedly
suffered a 51% attack, which resulted in the attacker being able
to mine 1,560 Verge coins (XVG) every second for a duration of three
- In May 2018, developers notified various
cryptocurrency exchanges of a 51% attack on Bitcoin Gold. According
to a report by Bitcoinist,
the attack cost exchanges nearly $18 million.
- Following the
Bitcoin Gold attack, in June 2018, ZenCash
became another target of the 51% attack, in which attackers siphoned
$550,000 USD worth of currency from exchanges.
Companies such as NiceHash
offer a marketplace for cryptocurrency cloud mining in which
individuals can rent hashing power. Couple the information available
from sites like Crypto51,
which calculates the cost of performing 51% attacks, and it presents
an attractive option for criminals seeking to disrupt cryptocurrency
networks. While these types of attacks have been observed, and are no
longer theoretical, they have historically posed the most risk to
various alt-coins with lower network participation and hash rate.
Larger, more robust, proof-of-work (PoW) networks are less likely to
be affected, as the cost to perform the attack outweighs potential profit.
We anticipate that as long as the cost to perform the 51% attack and
the likelihood of getting caught remains low, while the potential
profit remains high, actors will continue showing interest in these
types of attacks across less-robust cryptocurrency networks.
A Sybil attack occurs when a single node claims to be
multiple nodes on the P2P network, which many see as one of the
greatest security risks among all large-scale, peer-to-peer networks.
A notable Sybil attack (in conjunction with a traffic confirmation
the Tor anonymity network occurred in 2014, spanned the course
of five months, and was conducted by unknown actors.
As it pertains to cryptocurrency networks in particular, attackers
performing this type of attack could perform the following:
- Block honest users from
the network by outnumber honest nodes on the network, and refusing
to receive or transmit blocks.
- Change the order of
transactions, prevent them from being confirmed, or even reverse
transactions that can lead to double spending by controlling a
majority of the network computing power in large-scale attacks.
described by Microsoft researcher John Douceur, many P2P networks
rely on redundancy to help lower the dependence on potential hostile
nodes and reduce the risk of such attacks. However, this method of
mitigation falls short if an attacker impersonates a substantial
fraction of the network nodes, rendering redundancy efforts moot. The
suggested solution to avoiding Sybil attacks in P2P networks, as
presented in the research, is to implement a logically centralized
authority that can perform node identity/verification. According to
the research, without implementing such a solution, Sybil attacks will
always remain a threat “except under extreme and unrealistic
assumptions of resource parity and coordination among entities.”
An eclipse attack involves an attacker or group controlling a
significant number of nodes and then using those nodes to monopolize
inbound and outbound connections to other victim nodes, effectively
obscuring the victim node’s view of the blockchain and isolating it
from other legitimate peers on the network. According to security
researchers, aside from disrupting the network and filtering the
victim node’s view of the blockchain, eclipse attacks can be useful in
launching additional attacks once successfully executed. Some of these
- Engineered Block
Races: Block races occur in mining when two miners discover blocks
at the same time. Generally, one block will be added to the chain,
yielding mining rewards, while the other block is orphaned and
ignored, yielding no mining reward. If an attacker can successfully
eclipse attack miners, the attacker can engineer block races by
hoarding blocks until a competing block has been found by
non-eclipsed miners – effectively causing the eclipsed miners to
waste efforts on orphaned blocks.
- Splitting Mining Power:
An attacker could use eclipse attacks to effectively cordon off
fractions of miners on a network, thereby eliminating their hashing
power from the network. Removing hashing power from a network allows
for easier 51% attacks to occur given enough miners are effectively
segmented from the network to make a 51% attack profitable.
On Jan. 5, 2019, the cryptocurrency company Coinbase
detected a possible eclipse + 51% attack effecting the Ethereum
Classic (ETC) blockchain. The attack involved malicious nodes
surrounding Coinbase nodes, presenting them with several deep chain
reorganizations and multiple double spends – totaling 219,500 ETC
(worth at the time of this reporting roughly $1.1 million USD).
While eclipse attacks are difficult to mitigate across large-scale
P2P networks, some fixes can make them more difficult to accomplish.
FireEye recommends implementing the following, where applicable, to
help reduce the risk of eclipse attacks:
- Randomized node selection
when establishing connections.
- Retain information on other
nodes previously deemed honest, and implement preferential
connection to those nodes prior to randomized connections (this
increases the likelihood of connecting to at least one honest
How the Public and Private Sector Can Help Mitigate Risk
Public Sector Priorities
As blockchain technology continues to develop, and issues like
scaling, security, and identity management are addressed, it is safe
to assume the ecosystem we have today will not look like the ecosystem
of tomorrow. Due to this, the public sector has generally maintained a
hands-off approach to allow the space to mature and innovate before
implementing firm regulations. However, in the future, there are
likely to be certain key areas of regulation the public sector could
- Virtual Currencies (tax
implications, asset classification)
- Data encryption
- Identity Management (KYC and FCC)
Private Sector’s Role
Because of the public sector’s wait-and-see approach to regulation,
it could be argued that the private sector should have a more active
role in securing the technology as it continues to mature. Private
sector leaders in software and network development, hardware
manufacturing, and cyber security all have the ability to weigh in on
blockchain development as it progresses to ensure user security and
privacy are top priorities. Universities and independent research
groups should continue to study this emerging technology as it develops.
While no widely promoted and formal security standards exist for
cryptocurrency networks at the time of this post, The Cryptocurrency
Certification Consortium (C4) is actively developing the Cryptocurrency
Security Standard (CCSS), a set of requirements and framework to
complement existing information security standards as it relates to
cryptocurrencies, including exchanges, web applications, and
cryptocurrency storage solutions.
Cyber Security Community
From a cyber security perspective, we should learn from the
vulnerabilities of TCP/IP development in the early days of the
internet, which focused more on usability and scale than security and
privacy – and insist that if blockchain technology is to help
revolutionize the way business and trade is conducted that those two
areas of focus (security and privacy) are held at the forefront of
blockchain innovation and adoption. This can be achieved through
certain self-imposed (and universally agreed upon) industry standards, including:
- Forced encryption of
locally stored wallet files (instead of opt-in options).
- Code or policy rule that requires new wallet and key generation
when user performs password changes.
- Continued development
and security hardening of multi-sig wallet solutions.
- Emphasis on and clear guidelines for responsible bug
- Continued security research and public reporting
on security implications of both known and hypothetical
vulnerabilities regarding blockchain development.
protocols and implementations to determine what threats they
face, and providing guidance on best practices.
While blockchain technology offers the promise of enhanced security,
it also presents its own challenges. Greater responsibility for
security is often put into the hands of the individual user, and while
some of the security challenges facing exchanges and online wallet
providers can be addressed through existing best practices in cyber
security, linking multiple users, software solutions, and integration
into complex legacy financial systems creates several new cyber
To maintain strong network security, the roles and responsibilities
of each type of participant in a blockchain network must be clearly
defined and enforced, and the cyber security risks posed by each type
of participant must be identified and managed. It is also critical
that blockchain development teams understand the full range of
potential threats that arise from interoperating with third parties
and layering protocols and applications atop the base protocols.
The value and popularity of cryptocurrencies has grown significantly
in the recent years, making these types of currencies a very
attractive target for financially motivated actors. Many of the
aforementioned examples of the various attack vectors can be of high
utility in financially motivated operations. We expect cyber crime
actors will continue to demonstrate high interest in targeting
cryptocurrencies and their underlying network protocols for the