In the month of January, a group of scientist revealed a major security vulnerability called ‘Eclipse attack‘, wherein virtually anyone with the internet connection can modify individual users access to publicly accessible ledger.
The study was led by the researchers Ethal Heilman and Sharon Goldberg of the University of Boston, in conjunction with researcher Yuval Marcus of the University of Pittsburgh entitled with paper “Low-level eclipse attacks in the Peer-to-Peer network of Ethereum. ” The published paper explains how the nodes of the Ethereum network, with a version prior to Geth v1.8.0, are prone to these cyber attacks due to the “inherited” vulnerabilities of the Kademlia protocol.
According to the researchers, eclipse attacks isolate the target node from the rest of the network, hindering the complete view of the network to the node (hence its name). In this way, the attacker takes control of the inputs and outputs of the victim’s node. In Ethereum, this type of attack could be executed using only two IP addresses.
Attackers could also trick victims into sending funds to a portfolio address other than the victim’s wishes, which could lead to the creation of incorrect intelligent contracts, from which hackers could benefit.
Before the public disclosure of this study, the researchers presented their discovery to the developers of Ethereum, who responded by updating the network protocol to its Geth version v.1.8.0 two weeks ago, which has made these attacks difficult to Increase the number of IP addresses required from 2 to 2,000. In this sense, one of the developers of Ethereum, Felix Lange, commented on this
We have done everything possible to mitigate the attacks within the limits of the protocol. The document refers to eclipse attacks with low resources. As far as we know, the security level has been raised high enough so that eclipse attacks are not feasible without more substantial resources, with the patches that have been implemented in Geth v1.8.0
– Felix Lange
In their study, Heilman, Goldberg, and Marcus published several countermeasures against this type of attacks and highlighted that many of them were included in the recent version of the Ethereum client. Therefore all the nodes in the Ethereum network should update immediately to Geth version 1.8.0 for security reasons.
The researchers also explained that the Bitcoin network would also be vulnerable to an eclipse attack, however, this is unlikely to happen since to isolate a node in this network, the number of IP addresses required in this case would be thousands, making this type of attack a very expensive one.