The most spectacular thefts in the world of cryptocurrencies and blockchain
The 51% attack on Ethereum Classic
Ethereum Classic is one of the oldest and most popular cryptocurrencies, which emerged as a fork of Ethereum in 2016, after a controversial hack that affected a project called The DAO. Ethereum Classic stayed true to the principle of immutability of the blockchain, while Ethereum chose to modify it to recover stolen funds. However, this decision also meant lower security for Ethereum Classic, which was exposed to a type of attack known as 51%.
This attack consists of a group of miners, who control more than half of the network's computing power, can alter the order of blocks and transactions, and thus spend the same cryptocurrency twice, which is known as double spent. This is what happened at the beginning of 2019, when an attacker managed to get hold of around 900,000 euros in Ethereum Classic, after rewriting the transaction history. Although Coinbase, one of the most popular exchange platforms, detected the attack and prevented its users from being affected, another platform called Gate.io was not so lucky and lost about 180,000 euros.
This case demonstrates that blockchains are not infallible, and that their security depends largely on the distribution of computing power among participants. If a single actor or a coalition of actors manages to concentrate more than half of that power, it can put the integrity and trust of the network at risk. Therefore, it is important for users and developers to be aware of possible attacks and take measures to prevent or mitigate them.
The Axie Infinity scandal
Axie Infinity is one of the most successful and popular games in the blockchain world, combining elements of collecting, strategy and economics. Players can buy, raise and train creatures called Axies, which are represented as non-fungible tokens (NFT), that is, unique and unrepeatable digital assets. With these Axies, players can compete against each other and earn rewards in the form of cryptocurrency, which they can exchange for real money. It is a business model known as play-to-earn, which has attracted millions of users, especially in developing countries, where gambling has become an alternative source of income.
However, this success has also brought problems. At the end of 2021, the game's developer, Sky Mavis, was overwhelmed by the exponential growth of the user base and the value of its cryptocurrency, Smooth Love Potion (SLP). This caused hyperinflation of the currency, which lost more than 90% of its value in a few months. In addition, the game suffered several computer attacks, which compromised the security and privacy of users. One of them was the theft of more than 100 million euros in Axies and SLP, which affected more than 9,000 accounts.
This case shows that the world of blockchain gaming and NFTs is not as idyllic as it seems, and that it also has risks and challenges. On the one hand, it is a very volatile and speculative market, which can change drastically in a short time. On the other hand, it is a very new and poorly regulated sector, which can be a victim of attacks and fraud. Therefore, users and developers must be aware of these aspects and act with caution and responsibility.
The biggest theft in history: Poly Network
Poly Network is a decentralized financial platform that allows users to exchange cryptocurrencies between different blockchains, without the need for intermediaries. Its goal is to facilitate interoperability and liquidity between different blockchain ecosystems, which often operate in isolation and with little compatibility. However, this advantage also became its Achilles heel, when in August 2021 it suffered what is considered the largest theft in the history of cryptocurrencies.
A hacker or a group of hackers managed to exploit a vulnerability in the platform's code, and thus access the funds that were locked in the smart contracts that facilitated the exchanges. In this way, the attacker obtained around 600 million euros in various cryptocurrencies, which he transferred to his own accounts. The event caused a great commotion in the blockchain world, and provoked a rapid reaction from the community, which tried to track and block the stolen funds.
The most surprising thing about this case is that the hacker, after being identified and pressured by the authorities and developers, decided to return most of the money, claiming that he only wanted to demonstrate the vulnerability of the platform and that he had no intention of causing damage. The hacker even received a $500,000 reward from Poly Network, which offered him a job as a security consultant.
This case reveals that the world of decentralized finance, or DeFi, is one of the most innovative and attractive in the blockchain, but also one of the most exposed and dangerous. By eliminating intermediaries and relying on code, greater efficiency, transparency and freedom can be achieved, but it can also create greater risks and vulnerabilities. Therefore, it is essential that users and developers take these factors into account and adopt security and auditing best practices.
Thefts in the blockchain ecosystem are a reality that we cannot ignore or minimize. These are events that negatively affect the reputation, trust and development of this technology, which has great potential to transform the world. However, they are also an opportunity to learn, improve and strengthen the system, which is constantly evolving and growing. Therefore, it is important that users and developers are informed, educated and prepared to face these challenges, and that they collaborate with each other to create a safer, fairer and more sustainable environment for all.
