“Clumsy” Attack on Monero (XMR) Network

The privacy-focused cryptocurrency Monero (XMR) has recently suffered a Sybil attack. This development, shared with the industry by Monero developer Riccardo “Fluffy” Spagni, includes both interesting details and hints about the attack. Even if the Monero network or privacy is not damaged by this attack, even such an attack can be expressed as a great improvement. In order to understand the clues offered by this attack and Spagni’s statement, first of all, it is necessary to take a look at the recent events around XMR.

XMR, one of the most popular privacy-focused cryptocurrencies in the industry, has attracted the attention and reaction of many regulators in this aspect and continues to attract. The IRS, the US revenue management agency, made an interesting announcement last September. The IRS has promised $ 625,000 to anyone who can break the privacy offered by Monero or the Bitcoin Lightning Network.

Monero offers 100 percent privacy

Transactions on the Monero network are known to offer 100% privacy, especially when combined with the Tor browser. As can be seen from the above development, this situation has become one of the problems of many official institutions. Blockchain data analysis company CipherTrace announced in August 2020 that it has developed a Monero tracking tool. Although this announcement was initially met with suspicion, the attack actually points to a similar process. However, after the IRS’s announcement, another analytics firm Chainalysis received a $ 1.25 million reward for breaking the privacy of Integra Monero.

Riccardo Spagni, in his long series of tweets, described the attacker as “quite incompetent” and stated that the Sybil attack was not replaced. This attack is actually a security threat that occurs when a party tries to take over a network through an excess of accounts, network node or computer. Monero’s privacy model is completely dependent on network nodes and their privacy.

Spagni also stated that the attacker tried to associate the transactions with the IP address of the network node that approved this transaction, but failed. XMR transactions are actively protected by three privacy technologies such as public signature encryption, secret addresses and confidential transactions. Spagni also implied that the attacker was both incompetent and failed because of these measures.

Why did the Sybil attack fail?

Stating that such an attack could be done to any cryptocurrency, Spagni also stated that the team predicted and prepared for this. The famous developer stated that the biggest measure against such an attack is that the network node that approves the transactions is using Tor or i2p. Related uses have been supported for 2 years on the Monero network and 8 years on the Bitcoin network.

The Monero team, on the other hand, seems to be ready for attacks beyond that, in order not to compromise on privacy. The team that released the Dandelion update in 2017, in addition to this, took the security to the next level with the Dandelion ++ version in 2018. According to Spagni, Dandelion ++ “messes up” all transactions and transaction validators on the network. This means that for a Sybil attack to reveal the true IP address of network nodes, it must be very, very large.

Spagni also added that in order to achieve this, a Sybil attack covering thousands of network nodes should be done. Although Spagni implied that there was no adverse event in this attack, he still advised users who were worried about a possible Sybil attack. The renowned developer recommended that concerned network participants run their network nodes based on the Tor browser. With this attack and its result, Spagni also came to the fore in the claim that “Monero transactions are almost impossible to hack.” The use of XMR even by the founder of Anonymous strengthens this claim.

Chainalysis and Coinbase in Suspicion

A user named Nick Bax posted a tweet under this directory stating that “what Chainalysis did with the money he got from the IRS” is now known. Chainalysis, who received one of the aforementioned $ 625,000 prizes, really looks like he has turned all the arrows on him. Spagni, on the other hand, stated that Chainalysis had a relationship with “the relevant stock market” and turned the target to Coinbase. Both Coinbase and Chainalysis are working in partnership with the IRS.

So although it is not known at the moment which “incompetent” attacker committed this attack, it seems that Monero network participants are already making accusations. No statement has yet been made on the Coinbase or Chainalysis front.