Bitcoin Forum
November 09, 2024, 08:18:20 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: How a Bitcoin attack could play out  (Read 1878 times)
Elwar (OP)
Legendary
*
Offline Offline

Activity: 3598
Merit: 2386


Viva Ut Vivas


View Profile WWW
March 05, 2013, 06:38:12 PM
 #1

At this point, most of us realize that the actual Bitcoin network will not get hacked and our public/private keys are a safe way of holding value.

But I could see a social engineering attack focussed on this by those who would want to bring it down.

Let us say that the Fed or the US-gov or some in power want to bring down Bitcoin. Considering the Fed is dumping tens of billions of dollars into the economy a month, a few million dollars to take down Bitcoin would be a drop in the bucket.

A single agent with a few million dollars would be all they would need. The agent would work to build trust among key members of the Bitcoin community, using his accumulating Bitcoin wallet to get his hands in a few things. He would create several virtual personas which would also try to build trust. His outward approach would be that of security, focussing on ensuring people that Bitcoin is secure and that he is all about making sure his wallet is uber secure. He would go to Bitcoin conferences, make sure to be friendly to people and invest in various projects so that anyone questioning him will be met with a "I met him, he's a really good guy. I trust him.". All about building trust and making it known that he has a secure public address which he flaunts, showing people the amount in his vanity address, tieing it to himself.

Then comes the "attack". Having built up a large amount of BTC in his well known public address, he all of the sudden gets "attacked". All of his bitcoins are taken by a "hacker" and moved to a dummy address with something hackerish like "HACKEDBITCOINS1337LOLZ...". He assures people that there is no way anyone had his private address, he created the vanity address on an offline machine, then burned the machine and put it in a vat of acid then kept the only written copy in a finger print secured safe which was then put into a safe deposit box which has not been tampered with. He claims that this has to be a hack on Bitcoin itself. Then he starts pulling out his other virtual personas who have similar attacks happening. All BTC being sent to the same dead address. At the same time, he uses the money he has built up in BTC to dump bitcoins fast and hard plunging the price a good percentage which sends people into panic mode dumping their BTC. Everything is put into depicting the myth that Bitcoin itself can be hacked and that the vulnerability is unknown and nobody can stop it. A few more "people" continue to claim lost coins, more coins going to the dummy address. Bitcoin becomes considered unsafe as a store of value and with the vulnerability unknown, it is considered an inherent flaw in the whole p2p currency concept.

A few hold outs are skeptical, calling to question various things and still not believing it. They are considered conspiracy theorists and quacks. People move on to trying to figure out a way to make gold more like Bitcoin or just start encouraging people to use gold instead saying that they knew all along that gold was a better choice. Any time someone brings up a p2p encrypted currency concept from there on out, Bitcoin is used as an example of why they should not do it.

I just put this out there as a warning. Just to make people aware if something similar happens, that everything may not be as it seems. We are, after all, going up against something that holds a lot of power. Power is not ceded easily.

First seastead company actually selling sea homes: Ocean Builders https://ocean.builders  Of course we accept bitcoin.
Elwar (OP)
Legendary
*
Offline Offline

Activity: 3598
Merit: 2386


Viva Ut Vivas


View Profile WWW
March 05, 2013, 06:50:29 PM
 #2

reserved for "I told you so"

 Tongue

First seastead company actually selling sea homes: Ocean Builders https://ocean.builders  Of course we accept bitcoin.
Wekkel
Legendary
*
Offline Offline

Activity: 3108
Merit: 1531


yes


View Profile
March 05, 2013, 07:09:03 PM
 #3

"He claims that this has to be a hack on Bitcoin itself."

and then tech savy guys prove him wrong. Excellent buy opportunity  Kiss

blockbet.net
Member
**
Offline Offline

Activity: 112
Merit: 10


Admin at blockbet.net


View Profile WWW
March 05, 2013, 07:16:08 PM
 #4

Wouldn't make any sense for a hacker to steal something and then drive its value down. So there's your first clue that something's wrong.

Bitcoin Sports Betting online at www.blockbet.net, featuring NBA, NHL, UFC, football (soccer) and international competitions. Fast payouts directly to your wallet, great win odds, no need to register or deposit. Bet in just a few clicks now!
RodeoX
Legendary
*
Offline Offline

Activity: 3066
Merit: 1147


The revolution will be monetized!


View Profile
March 05, 2013, 07:17:43 PM
 #5

Dumping a couple million dollars would only bring the price down several dollars, I think? And I would not believe it is a new hack if it happened only once. The price may go down and everyone may hold their breath, but if no new hacks happen the price would likely return, IMO.
Eventually we may reflect on the operation as the last time one could buy cheap bitcoins.  Grin

The gospel according to Satoshi - https://bitcoin.org/bitcoin.pdf
Free bitcoin in ? - Stay tuned for this years Bitcoin hunt!
cloudTc
Newbie
*
Offline Offline

Activity: 51
Merit: 0


View Profile
March 05, 2013, 07:19:41 PM
 #6

They would lose their agent as he begins to work for himself, realizing his million dollars he put into bitcoins made him richer than the ones who paid for his services.
herzmeister
Legendary
*
Offline Offline

Activity: 1764
Merit: 1007



View Profile WWW
March 05, 2013, 07:23:54 PM
 #7

great movie plot


https://localbitcoins.com/?ch=80k | BTC: 1LJvmd1iLi199eY7EVKtNQRW3LqZi8ZmmB
Elwar (OP)
Legendary
*
Offline Offline

Activity: 3598
Merit: 2386


Viva Ut Vivas


View Profile WWW
March 05, 2013, 07:35:06 PM
 #8

Dumping a couple million dollars would only bring the price down several dollars, I think? And I would not believe it is a new hack if it happened only once. The price may go down and everyone may hold their breath, but if no new hacks happen the price would likely return, IMO.
Eventually we may reflect on the operation as the last time one could buy cheap bitcoins.  Grin

Hence the reason behind creating several virtual personas.

First seastead company actually selling sea homes: Ocean Builders https://ocean.builders  Of course we accept bitcoin.
Elwar (OP)
Legendary
*
Offline Offline

Activity: 3598
Merit: 2386


Viva Ut Vivas


View Profile WWW
March 05, 2013, 07:35:29 PM
 #9

great movie plot



Niice

First seastead company actually selling sea homes: Ocean Builders https://ocean.builders  Of course we accept bitcoin.
Timo Y
Legendary
*
Offline Offline

Activity: 938
Merit: 1001


bitcoin - the aerogel of money


View Profile
March 05, 2013, 08:07:42 PM
 #10

If something like this happened, I would invoke Occam's Razor, as would no doubt any investor with a brain:

Which is more likely?

1) That a lone hacker managed to to something that hundreds of cryptographers around the world haven't managed in a decade of cryptanalysis.
2) That the private keys are leaking in some way that the victims didn't think of (eg. zero-day exploit in wireless card)
3) That the whole thing is a scam.

GPG ID: FA868D77   bitcoin-otc:forever-d
Elwar (OP)
Legendary
*
Offline Offline

Activity: 3598
Merit: 2386


Viva Ut Vivas


View Profile WWW
March 05, 2013, 08:41:14 PM
 #11

If something like this happened, I would invoke Occam's Razor, as would no doubt any investor with a brain:

Which is more likely?

1) That a lone hacker managed to to something that hundreds of cryptographers around the world haven't managed in a decade of cryptanalysis.
2) That the private keys are leaking in some way that the victims didn't think of (eg. zero-day exploit in wireless card)
3) That the whole thing is a scam.

2 and 3 would require that several people who have "no" connection whatsoever who are trusted members of the community, well known by several respected people, including one who is a stickler for security, all conspiring together to pull this off. To try to state that it is a scam is to be labeled a tin foil hat wearing conspiracy theorist.

First seastead company actually selling sea homes: Ocean Builders https://ocean.builders  Of course we accept bitcoin.
RodeoX
Legendary
*
Offline Offline

Activity: 3066
Merit: 1147


The revolution will be monetized!


View Profile
March 05, 2013, 09:27:49 PM
 #12

Dumping a couple million dollars would only bring the price down several dollars, I think? And I would not believe it is a new hack if it happened only once. The price may go down and everyone may hold their breath, but if no new hacks happen the price would likely return, IMO.
Eventually we may reflect on the operation as the last time one could buy cheap bitcoins.  Grin

Hence the reason behind creating several virtual personas.
Oops, I read over that part.
I do think something like your plot is theoretically possible, but I can't see who would do such a thing. Forget about motive and means for a moment. Who would attempt something with such a high risk of failure and discovery for so little return? After all, bitcoin would not really be broken and people would eventually figure that out.

The gospel according to Satoshi - https://bitcoin.org/bitcoin.pdf
Free bitcoin in ? - Stay tuned for this years Bitcoin hunt!
rebuilder
Legendary
*
Offline Offline

Activity: 1615
Merit: 1000



View Profile
March 05, 2013, 09:43:07 PM
 #13

I don't think we're yet at the stage where this kind of manipulation is the most plausible attack, at least not coming from government.

If I was a regulator feeling threatened by Bitcoin, I'd go after the exchanges. Mt. Gox is an obvious target. Hit them with inquiries into their AML practices. Probably you'll find some mistake was made somewhere and can initiate proper legal proceedings against them. Even if everything was done by the book, you can surely still force them to waste a lot of time an effort to prove they're above the board.

Beyond Mt. Gox, go after the bigger payment processors. Who processes the payments for all those anonymous VPNs and torrent seedbox services etc? I'm betting many of them use some third party to convert the BTC they receive to USD instantly to reduce their exposure to exchange rate volatility. Get in there and threaten the payment processors with liability for anything you can think of. Again, right or wrong, simply looking into them will cause a lot of trouble.

Bitcoin is still very far from being able to function without easy exchange to government currencies. As long as that's the case, the exchanges are a choke point, and they will be such for a good while. Maybe always.

edit:

You can think of the situation as two graphs. One graph, (A) describes the perceived importance of intervening in the Bitcoin system, as seen by government. The other, (B) describes the effectiveness of doing so. As the system grows, the value of (A) grows, and the value of (B) diminishes. At some point, these two graphs will intersect and we'll see some action. Anyone bullish on Bitcoin is betting that point comes when the system is too mature to stop. Anyone trying to forcibly eradicate Bitcoin knows that to succeed, they must entirely annihilate the currency. If all regulatory action achieves is to cause a sharp drop in BTC valuation, but not a terminal one, regulators will face a situation like they do with the war on drugs - an endless fight to curtail an uncontrollable scourge.

Selling out to advertisers shows you respect neither yourself nor the rest of us.
---------------------------------------------------------------
Too many low-quality posts? Mods not keeping things clean enough? Self-moderated threads let you keep signature spammers and trolls out!
Snowfire
Full Member
***
Offline Offline

Activity: 122
Merit: 100


View Profile
March 05, 2013, 10:58:09 PM
 #14

It is hard to eradicate a block-chain currency completely; even dormant ones can be resurrected with surprising ease. See the story of BBQCoin as an example.

BTC:1Ca1YU6rCqCHniNj6BvypHbaHYp32t2ubp XRP: rpVbjBotUFCoi9xPu3BqYXZhTLpgZbQpoZ
LTC:LRNTGhyymtNQ7uWeMQXdoEfP5Mryx2c62i :FC: 6qzaJCrowtyepN5LgdpQaTy94JuxmKmdF7
auzaar
Full Member
***
Offline Offline

Activity: 151
Merit: 100



View Profile
March 06, 2013, 06:49:35 AM
 #15

you missed the main twist in the plot:

Our hacker was too stressed managing so many online personas while his wife believed that he was having an affair, to get her from his mind he goes to bar but had one too many drinks, while coming out of the bar he slips and falls down on a homeless person who dies with the impact, other homeless guys gather around him and beat him to death, this news spreads like wild fire and ultimately a thread on bitcointalk.org is posted about how the biggest promoter and hoarder of bitcoins has died and how it will negatively impact bitcoin, but then some guy named Mike convinces everybody that this is a great buying opportunity because this event reduces bit-coin supply by 25%, which means theoretical  bitcoin value should at least increase by 25%, everybody seems to see the flaw in the logic but everybody assumes that most of the other people are assuming that some people will get the logic and at-least buy or at-least will ride the rise, so everyone buys and bitcoin jumps 400% in 4 days which creates so much  publicity in print media that all tom-dick-harry rush to bitcoin not to miss the last opportunity to enter the race, which takes bitcoins to 10000$ and generates so many satoshi transactions that ultimately block-size had to be increased to 1 GB but at that point all the bitcoin users were so rich that each had a laptop with 1000 GB ram and it did not matter but what mattered was the increased global warming due to all the heat generated by bitcoin mining...to be continued

kjj
Legendary
*
Offline Offline

Activity: 1302
Merit: 1026



View Profile
March 06, 2013, 11:55:16 AM
 #16

Nice thing about bitcoin is that everything is out in the open, for all to see.

If the planted agent can point to a transaction in the block chain with an invalid signature, then everyone will know that there is a weakness in bitcoin (but one that we can fix, probably pretty damn easily).  If he has to point to a transaction with a valid signature, then he is claiming that the entire cryptographic community of the world is wrong and ECDSA itself is broken.

He may have developed a reputation here on the bitcoin forums, but he has absolutely no credibility in the cryptography community. 

17Np17BSrpnHCZ2pgtiMNnhjnsWJ2TMqq8
I routinely ignore posters with paid advertising in their sigs.  You should too.
zebedee
Donator
Hero Member
*
Offline Offline

Activity: 668
Merit: 500



View Profile
March 06, 2013, 12:50:53 PM
 #17

At this point, most of us realize that the actual Bitcoin network will not get hacked and our public/private keys are a safe way of holding value.

But I could see a social engineering attack focussed on this by those who would want to bring it down.

Let us say that the Fed or the US-gov or some in power want to bring down Bitcoin. Considering the Fed is dumping tens of billions of dollars into the economy a month, a few million dollars to take down Bitcoin would be a drop in the bucket.

A single agent with a few million dollars would be all they would need. The agent would work to build trust among key members of the Bitcoin community, using his accumulating Bitcoin wallet to get his hands in a few things. He would create several virtual personas which would also try to build trust. His outward approach would be that of security, focussing on ensuring people that Bitcoin is secure and that he is all about making sure his wallet is uber secure. He would go to Bitcoin conferences, make sure to be friendly to people and invest in various projects so that anyone questioning him will be met with a "I met him, he's a really good guy. I trust him.". All about building trust and making it known that he has a secure public address which he flaunts, showing people the amount in his vanity address, tieing it to himself.

Then comes the "attack". Having built up a large amount of BTC in his well known public address, he all of the sudden gets "attacked". All of his bitcoins are taken by a "hacker" and moved to a dummy address with something hackerish like "HACKEDBITCOINS1337LOLZ...". He assures people that there is no way anyone had his private address, he created the vanity address on an offline machine, then burned the machine and put it in a vat of acid then kept the only written copy in a finger print secured safe which was then put into a safe deposit box which has not been tampered with. He claims that this has to be a hack on Bitcoin itself. Then he starts pulling out his other virtual personas who have similar attacks happening. All BTC being sent to the same dead address. At the same time, he uses the money he has built up in BTC to dump bitcoins fast and hard plunging the price a good percentage which sends people into panic mode dumping their BTC. Everything is put into depicting the myth that Bitcoin itself can be hacked and that the vulnerability is unknown and nobody can stop it. A few more "people" continue to claim lost coins, more coins going to the dummy address. Bitcoin becomes considered unsafe as a store of value and with the vulnerability unknown, it is considered an inherent flaw in the whole p2p currency concept.

A few hold outs are skeptical, calling to question various things and still not believing it. They are considered conspiracy theorists and quacks. People move on to trying to figure out a way to make gold more like Bitcoin or just start encouraging people to use gold instead saying that they knew all along that gold was a better choice. Any time someone brings up a p2p encrypted currency concept from there on out, Bitcoin is used as an example of why they should not do it.

I just put this out there as a warning. Just to make people aware if something similar happens, that everything may not be as it seems. We are, after all, going up against something that holds a lot of power. Power is not ceded easily.
Casascius?
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!