Blockchain Security Getting Started Notes (Series 1-10 Full Version)

    Author: SlowMist security team


    Although more and more people are getting involved in the blockchain industry, many of them have never worked with blockchain before and have no relevant security knowledge. Their weak security awareness leaves attackers plenty of openings. In the face of the many security issues in the blockchain space, SlowMist has launched this series of blockchain security getting-started notes, introducing ten blockchain security terms so that newcomers can adapt to the security challenges of the blockchain world.

    1 - Wallet

    A wallet is a tool for managing private keys. Digital currency wallets come in many forms, but they usually contain a software client that lets users check, store, and trade their digital currency. The wallet is basic infrastructure and an important entry point into the blockchain world.

    According to SlowMist Hacked, wallet hacks caused by phishing and third-party hijacking in 2018 totaled US$69,160,985. Fundamentally, apart from some wallets' own defenses against attack being incomplete, the main cause is the weak security awareness of wallet holders.



    Cold wallet

    A cold wallet is an offline wallet: it is disconnected from the Internet and stores digital currency offline. The user generates a digital currency address and private key on the offline wallet and saves them. Because a cold wallet stores digital currency without any network connection, it is difficult for a hacker to get into the wallet and obtain the private key, but it is not absolutely secure. Insecure random numbers can also make a cold wallet unsafe. In addition, hardware damage or loss may cause the digital currency to be lost, so a backup of the key is required.

    Hot Wallet
    A hot wallet is an online wallet that requires a network connection and is more convenient to use. However, because a hot wallet is generally used online, the user's device may be compromised and the attacker may steal the wallet file, capture the wallet password, or crack the encrypted private key. Centrally managed wallets are not absolutely safe either. Therefore, when using a centralized exchange or wallet, it is best to set different passwords on different platforms and enable two-factor authentication to protect your assets.

    Public key
    The public key is paired with the private key; together they form a key pair, which is stored in the wallet. The public key is generated from the private key, but the private key cannot be derived from the public key. The wallet address is obtained from the public key through a series of algorithmic operations, so the public key can be used as a credential for the wallet address.

    Private key
    A private key is a string of data generated by a random algorithm. The public key is calculated from it through an asymmetric encryption algorithm, and the coin address is calculated from the public key. The private key is extremely important: it acts as a password and is hidden from everyone except the owner of the address. Blockchain assets actually live on the blockchain. What the owner really holds is only the private key, and through it the owner has absolute control over the assets. The core problem of blockchain asset security is therefore the storage of the private key, which the owner must keep safe.

    Compared with the traditional username and password, the biggest advantage of transacting with public and private keys is improved security and integrity of data transfer. Because of the correspondence between the two keys, the user basically does not have to worry about the data being intercepted or modified by a hacker in transit. At the same time, because data encrypted with the private key must be decrypted with the public key generated from it, the sender does not have to worry about the data being forged by others.


    Mnemonic
    Because the private key is a long string of meaningless characters, it is hard to remember, which is why the mnemonic exists. The mnemonic uses a fixed algorithm to convert the private key into a dozen or so common English words. The mnemonic and the private key are interchangeable and can be converted into each other; the mnemonic is simply a friendlier format for the private key of a blockchain digital wallet. So the point to emphasize is: the mnemonic is the private key! Because it is plaintext, it is not recommended to save it electronically. Copy it onto physical media instead, where it complements the Keystore as a second backup.

    Keystore
    The Keystore is mainly used in Ethereum wallet apps (Bitcoin has a mechanism similar to the Ethereum Keystore: BIP38). It is the private key encrypted with the wallet password. Unlike the mnemonic, it can be stored as text or in JSON format. In other words, the Keystore only becomes equivalent to the private key after it is decrypted with the wallet password, so importing a wallet from a Keystore requires the wallet password. If a hacker steals a Keystore, the hacker may be able to brute-force the Keystore password and unlock the Keystore without having been given the password. Users are therefore advised to set a reasonably complex password, for example one that includes special characters and is at least 8 characters long, and to store it securely.

    Thanks to blockchain technology, blockchain digital wallets have a higher safety factor than other digital wallets. The two most critical points are protection against theft and protection against loss. Compared with the varied causes of coin theft incidents, coin loss incidents have five main causes: no backup, lost backup, forgotten password, backup error, and lost or damaged equipment. Therefore, when backing up a blockchain digital wallet, make multiple backups, in multiple forms, of the private key, mnemonic, and Keystore, and nip the risk of losing coins in the bud. Finally, here are the "Ten Principles" of wallet security, as summarized by imToken:

    Do not use wallets that have not been backed up

    Do not use email to transfer or store private keys

    Do not use WeChat Favorites or cloud backup to store private keys

    Do not save private keys as screenshots or photos

    Do not send private keys over WeChat or QQ

    Do not tell the people around you your private key

    Do not send private keys to group chats

    Do not use third-party wallet apps from unknown sources

    Do not use Apple IDs provided by others

    Do not import private keys into unknown third-party websites

    Public Blockchain


    A public blockchain (public chain for short) is a consensus blockchain that anyone in the world can read at any time, and on which anyone can send a transaction and have it validly confirmed. The public chain is generally considered to be completely decentralized. The data on the chain is open and transparent and cannot be changed. Anyone can read and write data through trading or mining. Tokens are generally used to encourage participants to compete for the right to record transactions, which keeps the data secure.

    Because inspecting every public chain is a very large amount of work, no single company can monitor security problems across the entire blockchain ecosystem, which makes it very likely that hackers will find vulnerabilities in many public chains. On April 1, 2017, Stellar suffered an inflation vulnerability that an attacker used to create 2.25 billion units of the Stellar cryptocurrency XLM, worth about $10 million.



    Exchange
    Similar to stock exchanges that buy and sell stocks, blockchain exchanges are platforms for the trading of digital currencies. Digital currency exchanges are further divided into centralized exchanges and decentralized exchanges.

    Decentralized exchanges: Trading happens directly on the blockchain, and digital currencies are sent directly back to the user's wallet or to smart contracts stored on the blockchain. The advantage of trading directly on the chain is that the exchange does not hold a large amount of digital currency on behalf of users; all digital currencies are stored in the user's wallet or in the platform's smart contracts. Decentralized exchanges use technical means to decentralize at the level of trust, so it can be said that no trust is needed. Every transaction is transparent on the blockchain. The exchange is not responsible for keeping the user's assets or private keys; ownership of the funds stays entirely in the user's own hands, which gives very good personal data security and privacy. Decentralized exchanges currently on the market include WhaleEx, Bancor, dYdX, etc.

    Centralized exchanges: Most of the currently popular exchanges use centralized technology. Users usually register on the platform and, after a series of identity verification procedures (KYC), can start trading digital currency on it. When a user uses a centralized exchange, the exchange of coins does not necessarily happen on the blockchain. Instead, it may only modify the asset figures in the exchange's database. What the user sees is only a change in the numbers on the books, and the exchange only has to have sufficient digital currency ready for remittance when the user withdraws. Most mainstream trading today takes place on centralized exchanges. Centralized exchanges currently on the market include currency, fire, OKEx and so on.

    Because the exchange is the hub connecting the blockchain world and the real world, it stores a large amount of digital currency, which makes it an easy target for hackers. To date, digital currency exchanges worldwide have lost more than 2.9 billion dollars due to security problems (data source: SlowMist Hacked).


    In the field of digital currency, attackers have never slowed their pace. In this fierce contest between attack and defense, the defending side is at a clear disadvantage, and the attack methods are many and varied; we will introduce them in the following articles. Professional hackers often launch targeted attacks against digital currency exchanges. The SlowMist security team therefore recommends that all exchanges strengthen their security and do a good job of risk control and internal control, so as to achieve "early discovery, early warning, early stop loss."

    Node

    In the traditional Internet, all of an enterprise's data runs on a centralized server, and that server is a node. Because the blockchain is a decentralized distributed database, it is composed of thousands of "small servers". Each node in the blockchain network is a computer or server that stores all block data. Producing new blocks, verifying and recording transactions, and broadcasting them to the entire network are all done by the nodes. Nodes are divided into "full nodes" and "light nodes". A full node holds all the transaction data of the whole network, while a light node holds only the transaction data related to itself. Because every full node retains the data of the entire network, the blockchain network can keep operating safely even if one of the nodes has problems, which is also the charm of decentralization.

    RPC
    Remote Procedure Call (RPC) is a computer communication protocol. The Ethereum RPC interface is the window through which Ethereum nodes interact with other systems. Ethereum provides several kinds of RPC calls: HTTP, IPC, WebSocket, and so on. In the Ethereum source code, server.go holds the core logic responsible for registering API services and for handling requests and returning responses. http.go implements HTTP calls, websocket.go implements WebSocket calls, and ipc.go implements IPC calls. The Ethereum node provides a JSON RPC interface by default on port 8554. Data is transmitted in JSON format. The interface can execute the various commands of the Web3 library and provide blockchain information to the front end (for example, wallet clients such as imToken and Mist).

    Ethereum Black Valentine's Day Vulnerability (ETH Black Valentine's Day)
    On March 20, 2018, the SlowMist security team observed an automated coin-theft attack. The attacker exploited a defect in the Geth/Parity RPC API of Ethereum nodes and maliciously called eth_sendTransaction to take coins, over a period of two years. The stolen and unreturned Ether alone is worth as much as $20 million (based on the current ETH market value), and 164 types of token are also involved. Their total value is difficult to estimate (many of the tokens have not yet been officially listed on an exchange).
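One way a node operator can watch for the kind of call named above, as an added example that is not part of the original notes: it scans JSON-RPC request bodies, including batch requests, and reports signing or unlock methods that arrive from a non-loopback client. The log format, the sample lines, and every watched method other than eth_sendTransaction are assumptions made for the illustration.

```python
import ipaddress
import json

# eth_sendTransaction is the call named in the incident description above.
# The other entries are further node-side signing/unlock methods, added here
# as an assumption about what a defender would also want to watch.
SENSITIVE_METHODS = {
    "eth_sendTransaction",
    "eth_sign",
    "personal_unlockAccount",
    "personal_sendTransaction",
}

# Constructed sample of a reverse-proxy log: "<client-ip> <JSON-RPC body>".
# Addresses are placeholders; client IPs come from documentation ranges.
ADDR_A = "0x" + "aa" * 20
ADDR_B = "0x" + "bb" * 20
SAMPLE_LOG = [
    "127.0.0.1 " + json.dumps({"jsonrpc": "2.0", "id": 1, "method": "eth_sendTransaction",
                               "params": [{"from": ADDR_A, "to": ADDR_B, "value": "0x1"}]}),
    "203.0.113.7 " + json.dumps({"jsonrpc": "2.0", "id": 2, "method": "eth_blockNumber",
                                 "params": []}),
    "203.0.113.7 " + json.dumps({"jsonrpc": "2.0", "id": 3, "method": "eth_sendTransaction",
                                 "params": [{"from": ADDR_A, "to": ADDR_B, "value": "0x1"}]}),
    "198.51.100.23 " + json.dumps([
        {"jsonrpc": "2.0", "id": 4, "method": "eth_accounts", "params": []},
        {"jsonrpc": "2.0", "id": 5, "method": "personal_unlockAccount",
         "params": [ADDR_A, "<redacted>", 300]},
    ]),
    "not-an-ip garbage",
]


def parse_line(line):
    """Split one log line into (client address, list of JSON-RPC call objects)."""
    ip_text, _, body = line.strip().partition(" ")
    client = ipaddress.ip_address(ip_text)   # raises ValueError on a bad address
    payload = json.loads(body)               # JSONDecodeError is a ValueError too
    calls = payload if isinstance(payload, list) else [payload]  # batch request
    return client, [c for c in calls if isinstance(c, dict)]


def sender_of(call):
    """Best-effort account the call acts on: tx object 'from' or first string param."""
    params = call.get("params")
    first = params[0] if isinstance(params, list) and params else None
    if isinstance(first, dict):
        return first.get("from")
    return first if isinstance(first, str) else None


def find_remote_signing_calls(lines):
    """Return one alert per sensitive call from a non-loopback client."""
    alerts = []
    for lineno, line in enumerate(lines, start=1):
        if not line.strip():
            continue
        try:
            client, calls = parse_line(line)
        except ValueError:
            # Malformed lines are surfaced rather than silently dropped.
            alerts.append({"line": lineno, "client": None, "method": None,
                           "from": None, "reason": "unparseable"})
            continue
        if client.is_loopback:
            continue  # local wallet traffic is expected to use these methods
        for call in calls:
            method = call.get("method")
            if isinstance(method, str) and method in SENSITIVE_METHODS:
                alerts.append({"line": lineno, "client": str(client), "method": method,
                               "from": sender_of(call), "reason": "remote signing call"})
    return alerts


if __name__ == "__main__":
    for alert in find_remote_signing_calls(SAMPLE_LOG):
        print(alert)
```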

    Consensus
    A consensus algorithm mainly solves the problem of getting multiple nodes in a distributed system to reach a consistent result about some state. In a distributed system, transactions are processed by multiple service nodes, and the state of the multiple copies of the data needs to stay consistent. Because nodes are unreliable and communication between them is unstable, and because some nodes may even act maliciously and forge information, the data state can become inconsistent between nodes. With a consensus algorithm, a group of individually unreliable nodes can be built into a reliable distributed system that achieves a consistent data state and improved reliability.

    The blockchain system is itself a very large-scale distributed system, but it differs significantly from traditional distributed systems. It does not depend on any central authority and is based on a decentralized peer-to-peer network, so the scattered nodes need to agree on the validity of transactions. This is where the consensus algorithm comes in: it ensures that all nodes comply with the rules of the protocol and that all transactions are carried out in a reliable manner. Reaching agreement among the scattered nodes on the order in which transactions are processed is the most important role the consensus algorithm plays in a blockchain system.

    The consensus algorithm in a blockchain system also takes on some of the functions of the system's incentive model and governance model, in order to solve the problem of how mutually independent nodes reach a decision in a peer-to-peer (P2P) network. In short, a consensus algorithm addresses the problem of how to maintain consistency in a distributed system.

    Proof of Work (PoW)
    PoW (Proof of Work) is the first successful decentralized blockchain consensus algorithm in history. Proof of Work is familiar to most people and is widely used by mainstream public chains such as Bitcoin, Ethereum, and Litecoin.

    Proof of Work requires node participants to perform computationally intensive tasks whose results are easy for other network participants to verify. In the example of Bitcoin, miners compete to add the transactions they have collected, i.e. blocks, to the blockchain ledger maintained by the entire network. To do this, the miner must first find the right "nonce", which is a number added at the end of the string so that the resulting hash value starts with a specific number of zeros. However, Proof of Work has disadvantages such as the large amount of power consumed by mining and low transaction throughput.
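The nonce search described above, as an added example that is not part of the original notes: the miner has to try many nonces, while any other node checks the result with a single hash. The header bytes, the 8-byte nonce encoding and the difficulty expressed as a number of leading zero bits are assumptions of this sketch, not Bitcoin's exact header format.

```python
import hashlib


def leading_zero_bits(digest: bytes) -> int:
    """Count the zero bits at the start of a hash digest."""
    bits = 0
    for byte in digest:
        if byte == 0:
            bits += 8
            continue
        bits += 8 - byte.bit_length()
        break
    return bits


def block_hash(header: bytes, nonce: int) -> bytes:
    """Double SHA-256 over the header with the nonce appended at the end."""
    payload = header + nonce.to_bytes(8, "little")
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()


def mine(header: bytes, difficulty_bits: int, max_tries: int = 1 << 32):
    """Expensive side: try nonces in order until the hash has enough leading zeros.

    Returns (nonce, number of hashes computed).
    """
    for nonce in range(max_tries):
        if leading_zero_bits(block_hash(header, nonce)) >= difficulty_bits:
            return nonce, nonce + 1
    raise RuntimeError("no nonce found within max_tries")


def verify(header: bytes, nonce: int, difficulty_bits: int) -> bool:
    """Cheap side: one hash tells any node whether the claimed work was done."""
    return leading_zero_bits(block_hash(header, nonce)) >= difficulty_bits


if __name__ == "__main__":
    header = b"constructed header: prev-hash | merkle-root | timestamp"
    for bits in (8, 12, 16):
        nonce, tries = mine(header, bits)
        print(f"{bits:2d} zero bits: nonce={nonce} after {tries} hashes, "
              f"verified with 1 hash: {verify(header, nonce, bits)}")
    # Changing the block contents invalidates the work already done.
    print("tampered header still valid:", verify(header + b"!", nonce, 16))
```

Each extra zero bit required doubles the expected number of hashes for the miner, while verification stays at one hash.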

    Proof of Stake (PoS)
    PoS (Proof of Stake) is a probabilistic proof mechanism and a mainstream blockchain consensus algorithm, designed to let the distributed nodes of a blockchain reach consensus. It is often mentioned together with Proof of Work, and both are considered mainstream blockchain consensus algorithms. As an algorithm, it determines new blocks through the agreement of token holders. This process does not require hardware and power and is more efficient than PoW.

    The PoS consensus introduces the concept of Stake. Token holders stake their tokens: all participants are required to lock up part of the tokens they own as collateral in order to verify transactions, which gives them a chance to produce a block. The PoS consensus uses an election algorithm, based on the proportion of tokens held, the length of time the tokens have been staked, or some other criterion, to select the miner who packs the block. The miner packs the transactions at the specified height, generates a new block, and broadcasts it. The broadcast block then passes another "threshold" in the PoS consensus, where verifiers verify the transactions. After verification, the block is confirmed, and this round of the PoS consensus process is complete. Proof of Stake prevents bad behavior by binding the interests of the verifiers to the interests of the entire network over the long term. Once tokens are locked, if a verifier makes a fraudulent transaction, the tokens that verifier has staked will be slashed.

    PoS research is still moving forward. Security, performance and decentralization have always been the directions PoS pursues, and more PoS projects will launch in the future. To better observe the running status of public chains and monitor security anomalies in real time, SlowMist has deployed on EOS, BOSCORE, FIBOS, YOYOW, IoTeX, and COSMOS, working in the security field with a focus on the stability and security of nodes.

    Delegated Proof of Stake (DPoS)
    The prototype of Delegated Proof of Stake was born on December 8, 2013, when Daniel Larimer first talked on bitsharetalk about using voting to select block producers, to replace the election random number in PoS, which could potentially be manipulated. In DPoS, every token holder can vote, which produces a certain number of representatives, which can also be understood as a certain number of nodes or mining pools, whose rights are exactly equal to one another. Holders can replace these representatives at any time by voting, to maintain the "long-term purity" of the chain. To a certain extent this is very similar to the representative system in state governance, or the system of deputies to the people's congress. The biggest advantage of this system is that it solves the inefficiency caused by having too many verifiers. Of course, the system also has an obvious shortcoming: because of the "representative" system, it has long been troubled by centralization.

    Malicious Mining Attack (Cryptojacking Attack)
    Cryptojacking is a malicious act in which user equipment is hijacked to mine cryptocurrencies without authorization. Typically, the attacker hijacks the processing power and bandwidth of a victim device (a personal PC or a server). Because cryptocurrency mining requires a lot of computing power, an attacker may try to infect multiple devices at the same time in order to gather enough computing power to carry out this low-risk, low-cost mining activity.

    Malicious mining software generally tricks users into loading mining code on their computers, or infects them without their noticing through phishing-like methods such as malicious links, emails, or mining scripts implanted in websites, so that the hidden mining program completes the attack. In recent years, as the price of cryptocurrencies has risen, more sophisticated malware has been developed, resulting in an endless stream of malicious mining attacks.

    Here we provide you with several suggestions to prevent malicious mining attacks:

    Pay attention to device performance and CPU utilization

    Install mining-script blocking plugins in your web browser, such as MinerBlock, NoCoin and Adblocker

    Beware of email attachments and links

    Install a trusted anti-virus software to keep your software applications and operating system up-to-date

    Nothing at Stake Attack
    The Nothing at Stake Attack is a problem that has to be solved under the PoS consensus mechanism. Its nature can be summarized simply as "no cost to act, no limit on the benefit".

    When a PoS consensus system forks, a block-producing node can produce blocks on both forks at the same time without any loss; whichever fork is eventually recognized as the main chain, the node collects "all the revenue" without any cost. This easily gives some nodes an incentive to generate new forks and to support or initiate illegal transactions, while other profit-seeking block-producing nodes queue up to produce blocks on multiple chains (windows) at once in support of the new forks. As time goes on, forks multiply and illegal transactions run wild. The blockchain is no longer a single chain, and the block-producing nodes have no way to reach consensus.

    To prevent this from happening, many PoS consensus mechanisms introduce a penalty mechanism that applies economic slashing to malicious nodes in order to build a more stable network. DPoS is in fact one of the solutions to the Nothing at Stake attack. As described above, in DPoS the token holders vote to elect the block-producing nodes that operate the network, and the block-producing nodes distribute part of their rewards to the voters.
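A sketch of the penalty mechanism mentioned above, as an added example that is not part of the original notes and not any particular chain's rule set: a validator that votes for two different blocks at the same height has produced blocks on two forks, and part of its stake is slashed. The Vote record, the validator names, the sample votes and the 50% penalty are assumptions; vote signatures are assumed to have been verified upstream.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Vote:
    validator: str   # validator identity (signature already verified upstream)
    height: int      # block height the vote refers to
    block_hash: str  # block the validator supports at that height


def find_equivocations(votes):
    """Map (validator, height) -> conflicting block hashes signed at that height."""
    seen = defaultdict(set)
    for vote in votes:
        seen[(vote.validator, vote.height)].add(vote.block_hash)
    # A re-broadcast of the same vote is harmless; two different hashes are not.
    return {key: sorted(hashes) for key, hashes in seen.items() if len(hashes) > 1}


def apply_slashing(stakes, votes, slash_bps=5000):
    """Return new stake balances after slashing each offence by slash_bps/10000."""
    updated = dict(stakes)
    for validator, _height in sorted(find_equivocations(votes)):
        stake = updated.get(validator, 0)
        updated[validator] = stake - stake * slash_bps // 10_000
    return updated


# Constructed sample: two forks (block A and block B) exist at height 10.
SAMPLE_VOTES = [
    Vote("alice", 10, "0xblockA"),
    Vote("alice", 10, "0xblockA"),    # duplicate broadcast, not an offence
    Vote("bob", 10, "0xblockB"),
    Vote("carol", 10, "0xblockA"),
    Vote("carol", 11, "0xblockB2"),   # different heights, not an offence
    Vote("mallory", 10, "0xblockA"),
    Vote("mallory", 10, "0xblockB"),  # supports both forks at height 10
]
SAMPLE_STAKES = {"alice": 1000, "bob": 1000, "carol": 1000, "mallory": 1000}


if __name__ == "__main__":
    print(find_equivocations(SAMPLE_VOTES))
    print(apply_slashing(SAMPLE_STAKES, SAMPLE_VOTES))
```

With a penalty in place, producing blocks on both forks is no longer free, which removes the "no cost" half of the problem statement.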

    Multi-signature (Multi-sig)
    Multi-sig refers to operations that require multiple signatures before they can be performed (the signatures are generated by different private keys). This provides greater security: even if a single private key is lost, an attacker is not granted access to the account, and multiple trusted parties must approve an update at the same time, otherwise it is invalid.

    As is well known, a bitcoin address normally corresponds to one private key, and spending the funds at that address requires a signature from the holder of that private key. Multi-signature technology, put simply, requires signatures from multiple private keys before a single fund can be spent. One advantage of multi-signature is that several parties have to reach agreement on a payment before it can succeed.

    Double Spend Attack
    A Double Spend Attack means spending one sum of money twice: it exploits the digital nature of the currency to complete payments two or more times with the "same money". A double spend does not generate new tokens, but it lets the attacker get back the money already spent. Put simply, the attacker transfers a token to another address, usually an exchange in order to cash out, and then uses some attack technique to roll back the transfer. Several common techniques can lead to a double spend:

    1. Race Attack
    This attack achieves a double spend mainly by controlling the miner fee. The attacker sends two transactions to the network at the same time: one to himself (to increase the probability of success, he attaches a sufficiently high miner fee to it) and one to the merchant. Because the transaction sent to himself carries a high fee, miners are relatively likely to pack it into a block first. That transaction then takes precedence over the one sent to the merchant, and the transaction sent to the merchant is rolled back. By controlling the miner fee, the attacker achieves a "double spend" of the same token.

    2. Finney Attack
    The attacker achieves a double spend mainly by controlling when a block is broadcast, and the target is a merchant that accepts 0-confirmation transactions. Suppose the attacker mines a block containing a transaction in which A transfers a certain number of tokens to B, where A and B are both the attacker's addresses. The attacker does not broadcast this block. Instead, he immediately finds a merchant willing to accept 0-confirmation transactions, buys an item, and sends the merchant a transaction paying from A to the merchant's address C. Once that transaction has gone out, the attacker broadcasts the block he mined earlier, and the transaction sent to himself takes precedence over the one sent to the merchant. By controlling the broadcast time of the block, the attacker achieves a "double spend" of the same token.

    3. Vector76 attack
    Vector76 Attack is also known as "one-time confirmation attack", that is, it can still be rolled back after the transaction is confirmed once. It is a combination of Finney Attack and Race Attack.

    The attacker creates two nodes: node A connects to the merchant node, and node B connects to other nodes in the blockchain network. The attacker then creates two transactions with the same token: one sent to the merchant address, which we call transaction 1, and one sent to the attacker's own wallet address, which we call transaction 2. As in the Race Attack above, the attacker attaches a higher miner fee to transaction 2 to increase the probability that miners pack it. At this point the attacker has not broadcast either transaction to the network.

    Next, the attacker begins mining on the branch where transaction 1 is located. This branch is named branch 1. After the attacker digs into the block, it does not broadcast it, but does two things at the same time: send transaction 1 on node A and transaction 2 on node B.

    Since node A only connects to the merchant node, when the merchant node wants to pass transaction 1 to other peer nodes, node B, which has more nodes connected, has already broadcast transaction 2 to most of the nodes in the network. Thus, in terms of probability, transaction 2 is more likely to be considered valid by the network, and transaction 1 is considered invalid.

    After transaction 2 is considered valid, the attacker immediately broadcasts to the network the block that he previously mined on branch 1. A merchant that accepts payment after one confirmation will now consider the transaction successful, and the attacker can immediately cash out and transfer the assets.

    Meanwhile, because more nodes are connected on branch 2, miners mine another block on that branch, so the chain on branch 2 becomes longer than the chain on branch 1. As a result, the transaction on branch 1 is rolled back and the earlier payment transaction to the merchant is erased, but the attacker has already withdrawn the money and achieved a double spend.

    4. 51% attack
    The attacker controls more than 50% of the computing power of the entire network. While he controls that computing power, he can create a new chain that is longer than the original chain. The transactions on the old chain are then rolled back, and the attacker can use the same token to send a new transaction on the new chain.



    At present, most public chain security incidents are 51% attacks. Losses caused by attackers through 51% attacks amount to 19,820,000 dollars. On January 6, 2019, the SlowMist Zone warned of a possible 51% hash power attack on the ETC network. According to the Coinbase blog, the attacker launched a total of 15 attacks, 12 of which included double spends, with a total of 219,500 ETC stolen (about $1.1 million at the market price at the time). The attacker was carefully prepared and launched the 51% attack on ETC by renting a large amount of computing power, with cumulative returns of over 10 times. Exchanges such as Gate.io, Yobit, and Bitrue were affected. Fortunately, with the efforts of the entire ETC community, the attacker returned the proceeds of the attack a week later, and no further losses were caused.
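Why 0-confirmation and 1-confirmation merchants are the targets of the attacks above, and why a majority of hash power always wins, as an added example that is not part of the original notes. It goes beyond the text by using the attacker catch-up calculation from section 11 of the Bitcoin white paper; the function names and the risk threshold are assumptions of this sketch.

```python
import math


def attacker_success_probability(q: float, z: int) -> float:
    """Probability that an attacker with hash share q overtakes z confirmations.

    Bitcoin white paper, section 11: honest share p = 1 - q, attacker progress
    modelled as Poisson with mean lam = z * q / p.
    """
    if not 0.0 <= q <= 1.0:
        raise ValueError("q must be a share between 0 and 1")
    if z < 0:
        raise ValueError("z must be a non-negative number of confirmations")
    p = 1.0 - q
    if q >= p:
        return 1.0  # with half or more of the hash power the attacker always catches up
    lam = z * q / p
    prob = 1.0
    for k in range(z + 1):
        poisson = math.exp(-lam) * lam ** k / math.factorial(k)
        prob -= poisson * (1.0 - (q / p) ** (z - k))
    return prob


def confirmations_needed(q: float, max_risk: float, limit: int = 1000):
    """Smallest confirmation count whose double-spend risk is at most max_risk.

    Returns None when no count up to limit is enough (e.g. q >= 0.5).
    """
    for z in range(limit + 1):
        if attacker_success_probability(q, z) <= max_risk:
            return z
    return None


if __name__ == "__main__":
    print("attacker share   z=0      z=1      z=6")
    for q in (0.10, 0.30, 0.45, 0.51):
        row = [attacker_success_probability(q, z) for z in (0, 1, 6)]
        print(f"{q:14.2f}   " + "  ".join(f"{v:.5f}" for v in row))
    for q in (0.10, 0.30, 0.51):
        print(f"share {q:.2f}: confirmations for risk <= 0.1%:",
              confirmations_needed(q, 0.001))
```

A merchant or exchange can use the second function to set its deposit policy: the larger the share of hash power an attacker could plausibly rent, the more confirmations it has to wait for, and above 50% no number of confirmations is enough.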

    Soft Fork (Soft-fork)
    A soft fork is more like a protocol upgrade. When the new consensus rule is released, old nodes that have not been upgraded do not realize that the code has changed and continue to produce illegal blocks. This results in a temporary fork, but the new nodes are compatible with the old nodes, i.e. old and new nodes always keep working on the same chain.

    Hard Fork (Hard-fork)
    A hard fork is a permanent divergence in the blockchain. After the new consensus rule is issued, upgraded nodes cannot verify blocks generated by un-upgraded nodes, and un-upgraded nodes cannot verify blocks generated by upgraded nodes; that is, old and new nodes are incompatible with each other. A hard fork usually follows: the original chain splits into two chains (one that has been upgraded and one that has not, and the two are not compatible).

    The best-known hard fork in history is The DAO event. The DAO was a well-known project on Ethereum, and because of vulnerabilities in its smart contracts, hackers stole ETH worth about 60 million US dollars, a huge loss. To make up for this loss, in July 2016 the Ethereum team revised the Ethereum contract code to implement a hard fork, forcibly moving all funds of The DAO and its sub-DAOs to a specific refund contract address at the 929000th block, and thereby "recapturing" the coins on the DAO contract controlled by the hacker. But this modification was rejected by some miners, so two chains formed, the original chain (Ethereum Classic, ETC) and the new forked chain (ETH), each representing the consensus and values of a different community.



    Alien Attack
    The Alien Attack is a problem that all public chains may face. It is also called address pool pollution. It refers to an attack method that induces nodes of chains of the same type to intrude on and pollute each other. The main cause of the vulnerability is that chains of the same type do not identify, in their communication protocol, nodes that belong to a different chain.

    This attack has been reproduced on some public chains whose implementation follows the Ethereum communication protocol. Because Ethereum-like chains use a compatible handshake protocol, they cannot tell whether a node belongs to the same chain. Taking advantage of this, the attacker first collects Ethereum node addresses and performs malicious handshakes, polluting the address pool by shaking hands with nodes. Nodes of different chains then shake hands with one another and push the known nodes in their own address pools to the other party, so that more and more nodes pollute each other and the pollution eventually spreads to the entire network. A node hit by an alien attack usually suffers degraded communication performance, which eventually leaves the node blocked and the main network abnormal. The affected public chains need to keep monitoring the health of their main network continuously, to avoid attacks that affect its stability.

    For details, please refer to the SlowMist security team technical paper: Conflicting Public Chain! Alien Attack Vulnerability from P2P Protocol

    Phishing Attack (Phishing)
    "Phishing" refers to an attacker pretending to be a trusted person or institution and using email, messaging software, social media, etc. to obtain the recipient's username, password, private key and other private information. As technology evolves, phishing attacks can not only carry a variety of malware and ransomware attacks but, even worse, are also on the rise.

    On February 19, 2018, a hacker organization in Ukraine stole $50 million in cryptocurrency from users of the well-known cryptocurrency wallet Blockchain.info by buying cryptocurrency-related keyword advertisements in the Google search engine that led to malicious website links disguised as the legitimate website. In addition to such domain name phishing attacks (that is, using URLs similar to the official website), other types of phishing attack include mail phishing, Twitter "1 for 10" (pay 0.5-10 ETH, get 5-100 ETH back), fake apps, fake staff, and so on. In June 2019, an attacker sent extortion messages to multiple exchanges and gained more than $400,000 through a mail phishing attack.

    The SlowMist security team advises users to stay vigilant. Every piece of information received through instant messaging apps, text messages or emails needs to be treated with caution. Do not enter credentials or private keys on websites reached by clicking a link, and use a hardware wallet and two-factor authentication (2FA) for transactions whenever possible. Project teams in the ecosystem should not transfer money to an attacker who has not given precise details of the vulnerability. If a project team cannot accurately judge and handle the situation alone, it can contact a security company for assistance.

    Trojan Horse Attack
    In a Trojan horse attack, the attacker hides a piece of malicious code with special functions inside a seemingly normal program, for example a backdoor that can destroy and delete files, send passwords, log keystrokes, or launch DDoS attacks. The program lives parasitically on the controlled computer system and works with an external controller to operate on the infected computer. It can be used to steal the user's personal information or even to control the victim's computer remotely. The attacker packages it and then spreads it, or tricks the target user into running it, through various means in order to steal passwords and other data.

    In the blockchain field, ransomware Trojans and malicious mining Trojans have long been a headache for the industry. According to reports, as bitcoin soared and pulled the price of the whole cryptocurrency market back up, mining Trojans, whose activity is closely tied to the market, began a new round of activity. In the first half of 2019, mining Trojans grew by 60,000 samples per day. Analysis found that some new mining Trojan families release new versions quickly and continuously. Their design is more and more complex, they keep innovating in concealment and attack techniques, and the technical confrontation with software vendors keeps intensifying.

    Supply Chain Attack
    A supply chain attack is a very dangerous attack method that is difficult to defend against perfectly. In current software engineering, dependencies on packages and modules are frequent and common, and it is hard for developers to check them one by one. By default they trust the package managers in circulation, which has made supply chain attacks almost a standard attack technique. The name reflects that the attack exploits a chain of dependencies: if one link is infected, every link after it in the chain is affected.

    Supply chain attacks come in many forms and can occur at any link. In November 2018, BitPay's Copay suffered a supply chain attack that stayed hidden for two months. The attacker poisoned event-stream (an NPM package) and left variable values specific to Copay in the backdoor, launching a targeted attack on Copay to steal users' private keys. On June 4, 2019, the NPM Inc security team worked with Komodo to defeat a typical supply chain attack, protecting more than $13 million in cryptocurrency assets. The attackers had put a malicious package into the build chain of Agama in order to steal wallet private keys and other login passwords used in the wallet application.

    Supply chain attacks are hard to guard against and cost the attacker little. The SlowMist security team recommends that all cryptocurrency-related projects (such as exchanges, wallets, DApps, etc.) require at least one core engineer to fully review all third-party modules for suspicious code, and also check whether any suspicious requests are made.



    Smart Contract
    The smart contract is not a new concept. As early as 1995, the cross-disciplinary legal scholar Nick Szabo proposed that a smart contract is a set of promises defined in digital form, including the protocols within which the contract participants can perform on these promises. In the blockchain field, a smart contract is essentially a piece of code running on a blockchain network. It automates traditional contracts through computer instructions and carries out the business logic assigned by users.

    As the number of blockchain smart contracts grows, more and more security issues are exposed. Attackers can often exploit vulnerabilities to break into systems and cause huge losses to smart contract users. According to SlowMist Hacked, the losses caused by smart contract attacks on just the three chains ETH, EOS and TRON are as high as $126,883,725.92. Attacks with the same characteristics are more likely to succeed and to be reused across chains. Below we introduce some smart contract attack techniques that have been common in recent years.

    Transaction Rollback Attack (Roll Back Attack)
    As the name suggests, a roll back attack relies on rolling back the state of a transaction. What does rolling back mean? It means restoring a state that has already occurred to what it was before it occurred. Rolling back a transaction therefore means turning a transaction that has already happened into one that has not. That is, the attacker has already made the payment, but by some means causes an error in the transfer process, so that the whole transaction is rolled back. This attack mostly occurs in smart contract games on the blockchain. When the user's bet and the contract's draw are within one transaction, that is, inline transactions, the attacker can inspect certain state of the smart contract while the transaction executes, learn the result of the draw, and choose whether to roll back the bet transaction according to that result.

    This attack technique was often used against EOS DApps in the early days and then gradually spread to other public chains such as TRON. So far, 12 DApps have been attacked. The SlowMist security team recommends that developers not put the user's bet and the draw in the same transaction, so that attackers cannot carry out a transaction rollback attack by detecting the draw state in the smart contract.

    Transaction Congestion Attack
    A transaction congestion attack targets EOS game contracts that use defer transactions to draw prizes. By some means, the attacker sends a large number of defer transactions ahead of the game contract's defer draw transaction and maliciously occupies the CPU resources of the block. The defer draw transaction that should have executed in the specified block cannot execute for lack of resources and has to wait for the next block. Since many game contracts on EOS use block information as their own random number source, the same defer draw transaction produces different results in different blocks. So when the attacker learns that they cannot win, they send a large number of defer transactions to force the smart contract to redraw, thus achieving the purpose of the attack.

    The attack was first discovered when the hacker loveforlover launched an attack against EOS.WIN, after which the same technique succeeded several more times. According to SlowMist Hacked, 22 quiz DApps were attacked in 2019 and lost large sums as a result. The SlowMist security team recommends that smart contract developers not use defer transactions for key operations whose results differ from block to block, to reduce the risk of contract attacks.

    Random Number Attack
    A random number attack targets a smart contract's random number generation algorithm in order to predict the contract's random numbers. Many games on the blockchain currently use on-chain information (such as block time, a future block hash, etc.) as the random number source of the game contract, also called the random number seed. A random number generated from such a seed is called a pseudo-random number. Pseudo-random numbers are not truly random and may be predicted. When a random number is generated from a predictable seed, once the attacker guesses the generation algorithm or obtains it by other means such as reverse engineering, the attacker can predict the random numbers of upcoming game rounds and thus achieve the purpose of the attack. On November 11, 2018, an attacker launched a continuous random number attack on EOS.WIN and gained a total of 20,000 EOS. The SlowMist security team recommends that smart contract developers not use unsafe random number seeds to generate random numbers, to reduce the risk of the contract being attacked.



    hard_fail State Attack
    What is hard_fail? Simply put, an error occurred but no error handler was used to handle it. For example, errors can be caught and handled with onerror; if nothing catches the error with onerror, the result is hard_fail. Transaction status on EOS is recorded as one of five states: executed, soft_fail, hard_fail, delayed and expired. The transactions most people observe on the chain are either executed or delayed, with no failed transactions among them. As a result, most developers mistakenly believe that the EOS chain keeps no record of failed transactions, and so neglect to check the transaction status. Attackers exploit this detail against on-chain games or exchanges: they construct a transaction whose status is hard_fail and trick the game or exchange into accepting a fake recharge.

    The attack was first captured by the SlowMist security team on an EOS DApp on March 10, 2019. The attacker, with the account name fortherest12, attacked the EOS game Vegas town through a hard_fail state attack. The same technique then appeared frequently. The SlowMist security team reminds exchanges and EOS DApp game developers to strictly check the transaction status when processing transfer transactions and to make sure that the status is executed.

    For details, please refer to:
    EOS fake recharge (hard_fail state attack) red warning details disclosure and repair plan

    Replay Attack
    A replay attack replays transaction information on a blockchain. Blockchains generally validate transactions in various ways, using timestamps, nonces, transaction ids and so on, to ensure that transactions cannot be tampered with and to prevent double-spend attacks. But with the rise of decentralized exchanges, there are more and more scenarios in which user transactions are verified inside smart contracts. Such a scenario generally requires the user to sign a message and upload it to the smart contract, which then verifies the signature. However, since the user's signature is on the chain, anyone can obtain it. If the signed message verified in the contract contains no variable that changes with each transaction, such as a timestamp or nonce, an attacker can take the user's signature and initiate a transaction while impersonating the user, thereby making a profit.

    This attack form first appeared in the early stage of the DApp ecosystem. Because of serious flaws in a developer-designed random lottery algorithm, an attacker could use the contract vulnerability to repeat the lottery draw. It is a mistake that developers easily overlook. Therefore, when developers verify signatures on the chain, they need to add variable factors to the signed message, to prevent attackers from replaying the signature on the chain and causing asset loss.

    For more details, please refer to the details of the Ethereum smart contract replay attack.
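
    The missing "variable factor" described above can be seen by submitting the same signed order twice. The sketch below is an added example, not code from the original article; HMAC stands in for the user's on-chain signature, and the account names, key and timestamps are constructed.

```python
import hashlib
import hmac

# Constructed demo key. HMAC stands in for the user's signature so that the
# example needs only the standard library; a real contract would recover the
# signer from an ECDSA signature instead.
USER_KEYS = {"alice": b"constructed-demo-key"}


def sign(user, *fields):
    """Sign exactly the fields that the contract will later verify."""
    message = "|".join(str(f) for f in fields).encode()
    return hmac.new(USER_KEYS[user], message, hashlib.sha256).hexdigest()


class Ledger:
    def __init__(self, balances):
        self.balances = dict(balances)

    def _move(self, sender, to, amount):
        if amount <= 0 or self.balances.get(sender, 0) < amount:
            return False
        self.balances[sender] -= amount
        self.balances[to] = self.balances.get(to, 0) + amount
        return True


class StaticMessageContract(Ledger):
    """Verifies a signature over (to, amount): nothing in it ever changes."""

    def transfer(self, user, to, amount, signature):
        if not hmac.compare_digest(signature, sign(user, to, amount)):
            return False
        return self._move(user, to, amount)


class NonceContract(Ledger):
    """The signed message also carries a per-user nonce and an expiry time."""

    def __init__(self, balances):
        super().__init__(balances)
        self.next_nonce = {}

    def transfer(self, user, to, amount, nonce, expires_at, signature, now):
        expected = sign(user, to, amount, nonce, expires_at)
        if not hmac.compare_digest(signature, expected):
            return False
        if now > expires_at:
            return False                      # signature too old
        if nonce != self.next_nonce.get(user, 0):
            return False                      # already used, or out of order
        if not self._move(user, to, amount):
            return False
        self.next_nonce[user] = nonce + 1     # this signature can never pass again
        return True


def replay_demo():
    """Submit one signed order twice to each contract and return the outcomes."""
    static = StaticMessageContract({"alice": 100})
    sig = sign("alice", "bob", 30)
    static_results = [static.transfer("alice", "bob", 30, sig) for _ in range(2)]

    safe = NonceContract({"alice": 100})
    sig = sign("alice", "bob", 30, 0, 1_700_000_600)
    safe_results = [
        safe.transfer("alice", "bob", 30, 0, 1_700_000_600, sig, now=1_700_000_000)
        for _ in range(2)
    ]
    return static_results, static.balances, safe_results, safe.balances
```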

    Reentrancy Attack
    The reentrancy attack first appeared on Ethereum, and the corresponding real-world incident was The DAO attack. This attack also led to the original Ethereum splitting into Ethereum Classic (ETC) and the current Ethereum (ETH). Because the project's transfer model first sent the transfer to the user and only then modified the user's balance, a malicious user could construct a malicious contract that calls the project's transfer function again while receiving the transfer. In this way the user's balance is never changed, yet funds can be withdrawn from the project over and over, until the project's funds are exhausted.

    The SlowMist security team reminds smart contract developers that when handling key operations such as transfers, if the smart contract stores the state of users' funds, that state must be modified first and the actual transfer performed afterwards, to avoid reentrancy attacks.
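
    The ordering rule above can be checked with a small model of a vault whose withdraw function hands control to the recipient. This is an added example that simulates the contract in Python rather than Solidity; it is not code from the original article, and the class names and amounts are constructed.

```python
class Vault:
    """Toy model of a contract holding pooled funds and per-user balances."""

    def __init__(self):
        self.balances = {}
        self.funds = 0

    def deposit(self, who, amount):
        self.balances[who.name] = self.balances.get(who.name, 0) + amount
        self.funds += amount


class SendThenUpdateVault(Vault):
    """Order described in the text as flawed: transfer first, bookkeeping after."""

    def withdraw(self, who):
        amount = self.balances.get(who.name, 0)
        if amount == 0 or self.funds < amount:
            return
        self.funds -= amount
        who.receive(self, amount)        # external call runs the recipient's code
        self.balances[who.name] = 0      # balance cleared only afterwards


class UpdateThenSendVault(Vault):
    """Recommended order: modify the stored balance, then transfer."""

    def withdraw(self, who):
        amount = self.balances.get(who.name, 0)
        if amount == 0 or self.funds < amount:
            return
        self.balances[who.name] = 0      # state is final before control leaves
        self.funds -= amount
        who.receive(self, amount)


class PlainAccount:
    def __init__(self, name):
        self.name = name
        self.received = 0

    def receive(self, vault, amount):
        self.received += amount


class ReenteringAccount(PlainAccount):
    """Recipient whose receive hook calls withdraw again before returning."""

    def receive(self, vault, amount):
        self.received += amount
        vault.withdraw(self)


def simulate_withdraw(vault_cls):
    """Return (paid to the re-entering account, funds left, honest book balance)."""
    vault = vault_cls()
    honest = PlainAccount("honest")
    reenterer = ReenteringAccount("reenterer")
    vault.deposit(honest, 90)
    vault.deposit(reenterer, 10)
    vault.withdraw(reenterer)
    return reenterer.received, vault.funds, vault.balances["honest"]
```

    With the flawed order, the honest depositor's book balance stays at 90 while the vault holds nothing to back it, which makes a useful invariant to assert in contract tests: pooled funds must never fall below the sum of recorded balances.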

    Fake Recharge Attack (False Top-up)
    False top-up (fake recharge) attacks are divided into fake recharge attacks on smart contracts and fake recharge attacks on exchanges. In a fake recharge attack, neither the smart contract nor the exchange actually receives real tokens, but the user does obtain a real recharge record. The user can then, without any real recharge, use fake or non-existent assets to steal real assets from the smart contract or exchange.

    Smart contract fake recharge attack

    Fake recharge attacks on smart contracts are mainly fake recharges with counterfeit tokens, and mostly occur on EOS and TRON. Tokens on EOS are issued by contracts, and the system token of the EOS chain is issued in the same way, so anyone can issue a token called EOS; only the issuing contract account differs. The system token is issued by "eosio.token", while tokens issued by others come from other contract accounts. If a contract does not verify the source contract of an EOS token, an attacker can carry out a fake recharge attack by recharging with an EOS token that the attacker issued. On TRON, the fake recharge attack mainly involves TRC10 tokens. Each TRC10 token has a specific tokenid that identifies it, so when a contract does not verify the tokenid, anyone can spend 1024 TRX to issue a TRC10 token and use it for a fake recharge of the contract.

    Exchange fake recharge attack

    Fake recharge attacks on exchanges are divided into counterfeit token attacks and fake recharges using transactions with a failed status. Take EOS and Ethereum as examples. On EOS, a fake recharge attack can be carried out against an exchange with a counterfeit token called EOS: if the exchange does not strictly verify that the source contract of the EOS is "eosio.token", the attack succeeds. Unlike EOS, Ethereum keeps records of failed transactions, so for ERC20 tokens, if the exchange does not verify the transaction status, a failed transaction can be used to credit ERC20 tokens at the exchange. In addition, the hard_fail state attack is also a type of fake recharge attack.

    The SlowMist security team recommends that exchanges and smart contract developers fully verify the transaction status when processing transfers. For transactions on EOS or TRON, they must also verify the source when processing a recharge: that the source contract is "eosio.token", or that the tokenid is the expected tokenid.

    Short Address Attack
    The short address attack targets ERC20 smart contracts on Ethereum and exploits the EVM's automatic padding of input bytecode.

    In general, the input data for a call to the transfer function of an ERC20 contract is 136 bytes long. When an ERC20 token transfer is made through the transfer function, an attacker whose address ends in one or more zeros can omit those trailing zeros and supply a shortened address. For example, when 100 A Tokens are transferred and the address entered is the shortened address supplied by the attacker, the encoded input data is 134 bytes, 2 bytes fewer than normal. The EVM then pads the end of the encoded data with zeros up to 136 bytes. As a result, the zeros missing from the address segment are filled by leading zeros of the data segment, the data segment in turn is short by that many zeros, and those are filled in by the EVM's padding. It is as if the data segment shifted into the address segment to fill its missing bytes, and the EVM then padded the data segment with zeros. The transfer amount therefore changes from 100 to 100 * 16 to the nth power, where n is the number of zeros missing from the address. In this way, an attacker can attack an exchange or wallet and steal its assets.

    The SlowMist security team recommends that exchanges and wallets perform strict checks on transfer addresses when handling transfers, to prevent short address attacks. For details, please refer to: Forgotten Atlantis: Ethereum Short Address Attack
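
    The shift described above, and the strict address check that stops it, can be reproduced on the encoded calldata. This is an added example, not code from the original article; the address is constructed, and the 136 and 134 figures in the text correspond here to hexadecimal characters (68 and 67 bytes of calldata).

```python
import re

TRANSFER_SELECTOR = bytes.fromhex("a9059cbb")   # transfer(address,uint256)
CALLDATA_LEN = 4 + 32 + 32                       # 68 bytes = 136 hex characters
ADDRESS_RE = re.compile(r"0x[0-9a-fA-F]{40}")

# Constructed address whose last byte is zero, and the same address with
# that byte left off.
FULL_ADDRESS = "0x" + "12" * 19 + "00"
SHORT_ADDRESS = FULL_ADDRESS[:-2]


def _strip_0x(text):
    return text[2:] if text.startswith("0x") else text


def naive_encode_transfer(to_hex, amount):
    """Concatenate the arguments without checking the address length (the flaw)."""
    address = bytes.fromhex(_strip_0x(to_hex))
    return TRANSFER_SELECTOR + bytes(12) + address + amount.to_bytes(32, "big")


def evm_decode_transfer(calldata):
    """Read the arguments the way the EVM does: bytes past the end read as zero."""
    padded = calldata.ljust(CALLDATA_LEN, b"\x00")
    to = "0x" + padded[4:36][-20:].hex()
    amount = int.from_bytes(padded[36:68], "big")
    return to, amount


def strict_encode_transfer(to_hex, amount):
    """Exchange or wallet side check: refuse anything but a full 20-byte address."""
    if not ADDRESS_RE.fullmatch(to_hex):
        raise ValueError("address must be 0x followed by exactly 40 hex characters")
    if not 0 <= amount < 2 ** 256:
        raise ValueError("amount does not fit in uint256")
    calldata = naive_encode_transfer(to_hex, amount)
    if len(calldata) != CALLDATA_LEN:
        raise ValueError("unexpected calldata length")
    return calldata


def short_address_effect(amount):
    """Return (calldata hex length, decoded recipient, decoded amount)."""
    calldata = naive_encode_transfer(SHORT_ADDRESS, amount)
    to, decoded_amount = evm_decode_transfer(calldata)
    return len(calldata.hex()), to, decoded_amount
```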

    Fake Token Attack
    The fake token attack arises because official tokens are created from general-purpose templates, so each token is distinguished only by a specific identifier. For example, the official EOS token is identified by the "eosio.token" contract, TRON's TRC10 tokens are identified by a tokenid, and Ethereum's ERC20 tokens use the contract address as the identifier. This creates a problem: if the payee does not strictly check the token-specific identifier when receiving tokens, an attack becomes possible. Take EOS as an example. The official EOS token is issued by a contract as a token named EOS, and what marks it as the real EOS is the issuing account "eosio.token". If this identifier is not verified when accepting a transfer, an attacker can use another account to issue a token that is also named EOS and recharge the counterfeit tokens at an exchange or wallet in exchange for real tokens.

    On April 11, 2019, the TRON DApp TronBank had about 170 million BTT (worth about 850,000 yuan) stolen within 1 hour. Monitoring showed that the hacker created a counterfeit token called BTTx and used it to call the contract's "invest" function, and the contract did not check whether the sender's token id matched the real BTT token id 1002000. The hacker therefore received the investment returns and referral rewards in real BTT and quickly drained the fund pool. Accordingly, when handling transfers, exchanges and wallets must strictly check the identifiers of each token to prevent fake token attacks.
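
    The checks recommended in the hard_fail, fake recharge and fake token sections above can be combined into one deposit filter that credits a transfer only when its status, issuing contract or token id, symbol and recipient all match. This is an added example, not code from the original article; the record layout, account names and the second token id are constructed, while "eosio.token" and 1002000 come from the text.

```python
from dataclasses import dataclass

EOS_TOKEN_CONTRACT = "eosio.token"   # issuer of the real EOS token (from the text)
BTT_TOKEN_ID = 1002000               # id of the real BTT token (from the text)


@dataclass(frozen=True)
class EosTransfer:
    """Simplified, hypothetical view of one EOS transfer action."""
    tx_id: str
    status: str            # executed / soft_fail / hard_fail / delayed / expired
    token_contract: str    # account of the contract that issued the token
    symbol: str
    to: str
    amount: int


@dataclass(frozen=True)
class Trc10Transfer:
    """Simplified, hypothetical view of one TRC10 transfer."""
    tx_id: str
    token_id: int
    token_name: str
    to: str
    amount: int


def check_eos_deposit(t, our_accounts):
    if t.status != "executed":
        return False, "status is " + t.status + ", not executed"
    if t.token_contract != EOS_TOKEN_CONTRACT:
        return False, "token issued by " + t.token_contract
    if t.symbol != "EOS":
        return False, "unexpected symbol " + t.symbol
    if t.to not in our_accounts or t.amount <= 0:
        return False, "not a deposit to us"
    return True, "ok"


def check_btt_deposit(t, our_accounts):
    # The token name is chosen freely by the issuer; only the id identifies BTT.
    if t.token_id != BTT_TOKEN_ID:
        return False, "token id " + str(t.token_id) + " is not BTT"
    if t.to not in our_accounts or t.amount <= 0:
        return False, "not a deposit to us"
    return True, "ok"


def reconcile(transfers, our_accounts):
    """Return (credited totals per asset, {tx_id: rejection reason})."""
    credited = {"EOS": 0, "BTT": 0}
    rejected = {}
    for t in transfers:
        if isinstance(t, EosTransfer):
            asset, (ok, reason) = "EOS", check_eos_deposit(t, our_accounts)
        else:
            asset, (ok, reason) = "BTT", check_btt_deposit(t, our_accounts)
        if ok:
            credited[asset] += t.amount
        else:
            rejected[t.tx_id] = reason
    return credited, rejected


# Constructed sample records.
OUR_ACCOUNTS = {"exchange1111", "TExampleDepositAddress"}
SAMPLE_TRANSFERS = [
    EosTransfer("tx-1", "executed", "eosio.token", "EOS", "exchange1111", 50000),
    EosTransfer("tx-2", "hard_fail", "eosio.token", "EOS", "exchange1111", 9000000),
    EosTransfer("tx-3", "executed", "fakeissuer11", "EOS", "exchange1111", 9000000),
    Trc10Transfer("tx-4", 1002000, "BTT", "TExampleDepositAddress", 700),
    Trc10Transfer("tx-5", 1009999, "BTT", "TExampleDepositAddress", 9000000),
]
```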

    Integer Overflow Attack
    Data storage is an important part of the blockchain, but every data type has a boundary. For example, a variable of type uint8 in Ethereum can only store values from 0 to 255; anything beyond that cannot be stored. So what happens if you try to store a number that exceeds the range of the data type? For example, if 256 is stored in a uint8, the data will be displayed as 1 rather than any other value, and no error is reported. This is because a uint8 stores an 8-bit binary number whose maximum value is 11111111; if 1 is added at this point, the binary number becomes 100000001, and because of the data boundary only the last 8 bits, that is 00000001, are kept, so the value becomes 1. This is called overflow. Its counterpart is underflow: if a uint8 with a value of 0 is decremented by 1, the result becomes the maximum value that the data type can store plus 1 minus the number subtracted. In this case it is 255, which is the maximum value that the data type can store. If either situation occurs in a smart contract, a malicious user can use underflow to send more tokens from their own account than its balance. If the contract does not check the balance, the malicious user's balance underflows to an enormous value. If the attacker then sells these tokens in large quantities, the entire value system of the token can be destroyed instantly.

    The SlowMist security team recommends that all smart contract developers rigorously verify data boundaries when operating on data in smart contracts, to prevent integer overflow attacks. For details, please refer to: BEC Smart Contract Unlimited Currency Vulnerability Analysis and Early Warning.
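
    The underflow case described above, sending more tokens than the balance when the contract does not check it, can be modelled with fixed-width arithmetic. This is an added example that simulates the token in Python; it is not code from the original article or from any real token contract, and the account names are constructed.

```python
def wrap(value, bits):
    """Keep only the low `bits` bits, as fixed-width unsigned storage does."""
    return value & ((1 << bits) - 1)


class UncheckedToken:
    """Transfer without a balance check: the subtraction wraps below zero."""

    def __init__(self, balances, bits=8):
        self.bits = bits
        self.balances = dict(balances)

    def transfer(self, sender, to, amount):
        self.balances[sender] = wrap(self.balances.get(sender, 0) - amount, self.bits)
        self.balances[to] = wrap(self.balances.get(to, 0) + amount, self.bits)
        return True


class CheckedToken(UncheckedToken):
    """Same token with the data boundaries verified before any write."""

    def transfer(self, sender, to, amount):
        limit = (1 << self.bits) - 1
        if not 0 <= amount <= limit:
            return False
        if amount > self.balances.get(sender, 0):
            return False                 # would underflow the sender
        if self.balances.get(to, 0) + amount > limit:
            return False                 # would overflow the recipient
        return super().transfer(sender, to, amount)


def underflow_demo(token_cls, bits=8):
    """An account holding 0 tokens tries to send 1; return (accepted, balances)."""
    token = token_cls({"mallory": 0, "bob": 5}, bits=bits)
    accepted = token.transfer("mallory", "bob", 1)
    return accepted, token.balances
```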

    Race Condition Attack
    Race condition attacks take many forms, but at their core they are all a competition over the modification of some state. The reentrancy vulnerability introduced earlier is also a kind of race condition, one that targets the user's balance: as long as the user's balance is not zero, the user can keep withdrawing money from the smart contract. The example introduced this time is the recent denial of service vulnerability in the well-known Edgeware lock contract. For details, refer to the Denial of Service Vulnerability for Edgeware Locks. The essence of this vulnerability is a race over the balance of the newly created lock contract. The attacker can monitor all lock requests on the chain, calculate the address of the lock contract in advance, and then transfer funds to that contract address, causing the lock to fail. Before the official fix, the only way to prevent this attack was to pay a higher fee than the attacker so that your own lock transaction was packaged first, racing the attacker. In the end, the official fix no longer enforces a strict equality check on the balance of the lock contract and uses a greater-than-or-equal check instead, which avoids the attack.

    The SlowMist security team recommends that smart contract developers fully consider the risk of race conditions, based on actual conditions, whenever they modify state in a smart contract, to prevent race condition attacks.



    Exceed Authority Access Attack
    As in traditional security, exceeding authority means accessing or performing an operation beyond the permissions of the current account. For example, some operations should be executable only by the contract administrator, but because the restrictions are not strict, these key operations can also be executed by people other than the administrator, leading to unpredictable risks. Such attacks have occurred many times on Ethereum and EOS.

    Take the well-known BetDice game on EOS as an example. Because the routing in the game contract (the customizable event forwarder in EOS) did not strictly check the source account, ordinary users could, through push action, reach the key transfer-handling function in the contract and place bets directly, bypassing the transfer process, which resulted in an exceed authority attack. Although BetDice officially fixed the code afterwards and strictly restricted the source account, the vulnerability had already let the attacker take nearly 50,000 EOS from the BetDice prize pool at almost no cost. Another example comes from contracts developed on Ethereum with Solidity 0.4.x. When writing key functions, many contract developers left out not only the permission check but also the function visibility. In that case the visibility of the function defaults to public, and malicious users can attack the contract through these unrestricted key functions.

    The SlowMist security team recommends that smart contract developers pay attention to the permission checks of key functions during contract development, to prevent key functions from being invoked illegally and the contract from being attacked.

    Transaction-Ordering Attack
    In the blockchain world, a transaction may contain multiple different transactions, and the order in which they are executed affects the final result. In blockchains with a mining mechanism, a transaction stays in a pending state until it is packaged. If a malicious user can learn in advance which other transactions are about to be executed, the user can submit a transaction with a higher miner fee so that it is packaged first, disturbing the order of transactions, causing unintended execution results and achieving the attack. Take Ethereum as an example. Suppose a token trading platform sets its fee through a parameter in the contract, and the project team raises the fee by sending a transaction. Once that transaction is packaged, the fee for all subsequent token purchases and sales is raised. The correct logic is that every token trade from that transaction onward pays the higher fee. But there is a delay between a transaction being issued and being packaged, so the fee change does not take effect immediately, and a malicious user can pay a higher miner fee to have their own trade packaged first and avoid the higher platform fee.

    The SlowMist security team recommends that smart contract developers pay attention to the impact of transaction order on the outcome of the contract during development, and avoid contract attacks caused by different transaction orderings.

    Sybil Attack (Witch Attack)
    According to legend, a witch is a person with magic who can conjure multiple illusory copies of herself, so that the victim believes there are many people when there is only one. In the blockchain world, a Sybil attack is an attack against server nodes. During an attack, a malicious node pretends by some means to be many nodes and sends connection requests to the attacked node until the node's maximum number of connections is reached. The node can then no longer accept requests from other nodes, which amounts to a denial of service attack on the node. Taking EOS as an example, the EOS P2P node denial of service attack that the SlowMist security team has disclosed is in fact a kind of Sybil attack, and the attacker can achieve their goal against a master node at a very small attack cost. For details, please refer to:


    The SlowMist security team recommends that when running a full node, operators monitor network connections at the system level on the server and, once an IP's connections are found to be abnormal, use a script to configure iptables rules that block the abnormal IP. Chain developers, when building a public chain, should add a limit on the number of connections per IP in the P2P module.

    Fake Onerror Notification Attack
    EOS has various notifications. By adding the require_recipient command to an action, the specified account can be notified of the action. Some smart contracts on EOS do some processing on the onerror notification, for user experience or other reasons. If the contract does not check whether the source contract of the onerror notification is eosio, it can be attacked in the same way as with a fake transfer notification: the attacker triggers the onerror handling in the contract, causing the attacked contract to lose assets.

    The SlowMist security team recommends that smart contract developers verify the source contract of onerror notifications when developing smart contracts, making sure that the contract account is the eosio account, to prevent fake onerror notification attacks.



    Dust Attack
    The dusting attack first occurred on the Bitcoin network. Dust refers to a transaction amount so small compared with normal transactions that it can be regarded as negligible. Such dust usually goes unnoticed in a balance, and many holders simply ignore it. However, Bitcoin and blockchain systems based on the Bitcoin model use the UTXO model for account funds: each transaction a user makes creates new funds by spending funds that were previously unspent. Malicious users can exploit this mechanism by sending dust amounts to a large number of accounts and then tracking the dust transactions to link an address to its other associated addresses. Behavioral analysis of these associated addresses can identify the company or individual behind an address and undermine the anonymity of Bitcoin itself. In addition, because the Bitcoin block size is limited, a large number of dust transactions causes block congestion, which raises transaction fees and leaves a large number of transactions waiting to be packaged, reducing the operating efficiency of the system.

    To avoid dust attacks, when constructing a transaction, calculate the minimum amount for that type of transaction and check each output; if an output is below that amount, the transaction cannot be constructed. In particular, if such an output happens to be the change and the amount does not matter much to you, you can avoid constructing a dust transaction by discarding that dust output and letting it go to the transaction fee. Second, to protect privacy, the SlowMist security team suggests discarding UTXOs with very small amounts when constructing a transaction and using UTXOs with larger amounts to form it.

    C2 Attack C2 Attack
    C2 full name Command and Control, translated is command execution and control, in the traditional network attack, after entering the target server through various vulnerabilities, limited by space, usually through the network pull two segments of the exploit to reside, to achieve Post-infiltration process. Therefore, the C2 architecture can be understood as the way in which malware obtains resources and commands, and in what way the data is passed back to the attacker. In the traditional attack method, the attacker usually pulls the command to the local execution through the remote server, but this method also has the obvious disadvantage that once the remote server is discovered, the subsequent infiltration activity cannot be performed normally. But the blockchain network provides a large, natural database that cannot be tampered with. The attacker writes the payload into the transaction and sends the transaction to the blockchain database permanently by sending a transaction. In this way, even if the attack command is discovered, the data on the chain cannot be falsified, and there is no need to worry about the risk of the server being discovered and then going offline.

    New technologies are constantly evolving, and old attack techniques are continually updated as new technologies appear. In the world of blockchain, only prevention in every aspect can guard against security attacks from all sides.

    Money Laundering
    Coin laundering works the same way as money laundering; only the object is different. Money laundering refers to turning illegally obtained money into seemingly legitimate income through certain operations. The same is true for coin laundering: it refers to taking illegally obtained tokens, such as tokens obtained through hacking, by absconding with user assets, or through fraud, and by some means making their source appear legitimate and legal. For example, coins are laundered through exchanges, in smart contracts, in transit through mixers, or through anonymous coins such as Monero and Zcash, so that the illegal proceeds cannot be traced and escape supervision. The laundering is then completed by converting the tokens into legal currency and leaving the market.

    The Slow Fog security team recommends that each exchange strengthen its KYC strategy, raise its level of risk control, and monitor funds moving in and out of the exchange to prevent malicious users from laundering coins through it. In addition, exchanges can cooperate with third-party security agencies to intercept illegal assets in time and block the possibility of money laundering.

    Blackmail Ransom
    Blackmail is a common attack in the traditional industry. The attacker extorts funds from the victim by sending ransomware to the victim's host to encrypt the files on it. With the development of blockchain technology, extortion has taken on new forms in recent years, such as using bitcoin as the means of payment, or the more anonymous Monero. For example, the well-known GandCrab virus is a bitcoin ransomware: the victim has to pay the attacker a certain amount of bitcoin in exchange for the decryption private key. Through this kind of extortion, the GandCrab ransomware has been extorting more than $2 billion a year. It is worth mentioning that even if the bitcoin is sent to the attacker, the victim may not receive the decryption private key and can end up losing both the files and the money. In addition, the Slow Fog security team has also captured cases in which attackers send extortion emails that falsely claim to have detected a vulnerability in an exchange and demand a certain amount of bitcoin before providing a solution. This kind of extortion is also a popular method in the blockchain industry.

    The Slow Fog security team recommends that when assets have been lost to ransomware, you do not panic and do not pay Bitcoin or other cryptocurrencies to the attackers. Try visiting [link hidden by the forum: only registered and activated users can see links] Index.html to look for a solution. Exchanges, likewise, need to be extra vigilant when they receive these emails and should never pay Bitcoin or other cryptocurrencies to the attacker. If necessary, seek assistance from a third-party security company.

    At this point, the blockchain security primer series comes to an end. Follow the public account "slow fog technology" and reply "science" to quickly view the complete ten popular science articles. In the future, the Slow Fog security team will bring more and better articles to help you understand the colorful and dangerous world of blockchain. At the same time, to provide a more open environment for learning and discussing blockchain security, the Slow Fog security team has opened the "Slow Mist Zone · Blockchain Security Learning Exchange Group": search for the WeChat ID helloslowmist, add the "slow fog zone assistant" and reply "into the group" for an opportunity to join it.

