Attainable Hacks on Keystore Files in Ethereum Wallets—A Systematic Analysis

Praitheeshan, Purathani; Xin, Yi Wei; Pan, Lei; Doss, Robin

doi:10.1007/978-3-030-34353-8_7

Cited by 13 publications

(8 citation statements)

References 41 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…On the other hand, Node 2 does not execute any of these methods, indicating that the attacker behaves differently depending on the node being attacked. [42], who conducted a demonstration experiment of cracking Ethereum wallets, found that the dictionary attack is more efficient than the brute force attack.…”

Section: ) Differences In Attacks On Each Node By the Same Attackermentioning

confidence: 99%

Honeypot Method to Lure Attackers Without Holding Crypto-Assets

Uchibori,

Yoshioka,

Omote

2024

IEEE Access

View full text Add to dashboard Cite

In recent years, the convenience and potential use of crypto-assets such as Bitcoin and Ethereum have attracted increasing attention. On the other hand, there have been reports of attacks on the blockchain networks that support crypto-assets in an attempt to steal other users' assets. In the past, research on attack observation against blockchains has used techniques such as holding real crypto-assets to lure attackers into honeypots or falsifying balances to attackers. However, these methods risk losing crypto-assets to attackers or being exposed as honeypots to attackers. To solve these problems, we propose a new RPC (Remote Procedure Call) honeypot method that returns the wallet address of another party a holding a high balance in response to an attacker's request, thereby luring the attacker without having the real crypto-assets. Our experimental evaluation shows that this method can attract more attackers than the method with zero-balance wallets and can observe more sophisticated attacks. Furthermore, we proposed a risk reduction strategy for crypto-asset theft by applying the idea of our method. In the log analysis process, we devised a new clustering method using the number of times an attacker executes a specific method as a feature. By applying this method, we successfully classified attackers based on their objectives, demonstrating the efficient analysis of vast amounts of log data.a We discuss the ethical considerations of the case in Section VII-D.

show abstract

Section: ) Differences In Attacks On Each Node By the Same Attackermentioning

confidence: 99%

Honeypot Method to Lure Attackers Without Holding Crypto-Assets

Uchibori,

Yoshioka,

Omote

2024

IEEE Access

View full text Add to dashboard Cite

show abstract

“…On the other hand, since there is no limit to the number of wallets, one can split their assets across multiple wallets, diversifying them not only by the amount but on the type as well. Furthermore, a user’s password policy should follow best practices, such as minimum password length, complexity and history enforcement, minimum and maximum password age [ 65 ]. Another primary concern is the design and scheduling of backup and recovery maintenance plans to respond effectively in the event of data loss [ 66 ].…”

Section: Cryptocurrency Walletsmentioning

confidence: 99%

Security of Cryptocurrencies: A View on the State-of-the-Art Research and Current Developments

Weichbroth

Wereszko

Anacka

et al. 2023

Sensors

View full text Add to dashboard Cite

[Context] The goal of security is to protect digital assets, devices, and services from being disrupted, exploited or stolen by unauthorized users. It is also about having reliable information available at the right time. [Motivation] Since the inception in 2009 of the first cryptocurrency, few studies have been undertaken to analyze and review the state-of-the-art research and current developments with respect to the security of cryptocurrencies. [Purpose] We aim to provide both theoretical and empirical insights into the security landscape, in particular focusing on both technical solutions and human-related facets. [Methodology] We used an integrative review which could help in building science and scholarly research, the basis for conceptual and empirical models. [Results] Successful defense against cyberattacks depends on technical measures on the one hand, as well as on self-education and training with the aim to develop competence, knowledge, skills and social abilities, on the other. [Contribution] Our findings provide a comprehensive review for the major achievements and developments of the recent progress on the security of cryptocurrencies. [Future research] Since there is increasing interest in adoption of the current solutions within the central bank digital currencies, the future research should explore the development and inception of effective measures against social engineering attacks, which still remain the main concern.

show abstract

“…As a result, the attacker gains access to more than $11.4 million worth of IOTA coins [59]. In [60] discussed a dictionary attack to break cryptographic hash and salt by This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/ This article has been accepted for publication in a future issue of this journal, but has not been fully edited.…”

Section: ) User Wallet Attacksmentioning

confidence: 99%

Exploring Sybil and Double-Spending Risks in Blockchain Systems

Iqbal

Matulevičius

2021

IEEE Access

View full text Add to dashboard Cite

This paper is partially supported by the ERASMUS+ sectoral alliance program on A Blueprint for sectoral cooperation on blockchain skills and development (CHAISE), project code 621646-EPP-1-2020-1-FREPPK2-SSA-B. The European Commission support for the production of this publication does not constitute endorsement of the contents which reflects the views only of the authors, and the Commission cannot be held responsible for any use which may be made of the information contained therein.

show abstract

Attainable Hacks on Keystore Files in Ethereum Wallets—A Systematic Analysis

Cited by 13 publications

References 41 publications

Honeypot Method to Lure Attackers Without Holding Crypto-Assets

Honeypot Method to Lure Attackers Without Holding Crypto-Assets

Security of Cryptocurrencies: A View on the State-of-the-Art Research and Current Developments

Exploring Sybil and Double-Spending Risks in Blockchain Systems

Contact Info

Product

Resources

About