It seems that Japanese cryptocurrency Monacoin has been on the target of hackers in recent days. Between May 13 and 14 Monacoin blockchain seems to have suffered from a “selfish mining attack” that might’ve left the project with damages worth $90,000. Monacoin acknowledged the attack on 17th of May, but so far it has not yet provided any other information about what happened and what company plans to do to prevent the occurrence of such incidents in future.
— monacoinproject (@tcejorpniocanom) May 17, 2018
What is a selfish mining attack?
A selfish mining attack happens when attacker successfully mines one block on the blockchain but doesn’t broadcast it to other nodes in the chain. He keeps his newly mined block hidden from rest of the blockchain network. Then once he has mined one more block, he has secretly created a chain that’s larger than the chain of other nodes involved in the network. And since the largest chain is considered valid in most blockchain protocols (because it contains most proof-of-work), the attacker can then use his chain to invalidate other chains in the network. As soon as attacker publishes his chain to the network, all transactions that happened during the time of secret chain creation would become invalid.
Selfish mining attacks can be anything from pure vandalism to organized operations that benefit someone. If attacker does transactions (i.e. purchases, payments etc.) on the blockchain and then destroys the blockchain with a secret chain, he has effectively NEVER PAID!
Back to Monacoin
In this case it seems the objective of hacker was to send Monacoins outside Japan so they can be swapped for other cryptocurrencies before the secret chain was made public and transactions done by him destroyed. In simple words, the hacker wanted to purchase some other cryptocurrencies with this method without having to pay anything for them. You can imagine how alarming such hacks can be for other cryptocurrencies as well.
It has also been revealed that the hacker had so much processing power at disposal that he controlled 57% of Monacoin’s hashing power at one point of time. In that sense, this is also a 51-percent attack.
But perhaps the most surprising part of story is that this attack didn’t come unannounced in a day – the hacker was trying to exploit this vulnerability in Monacoin’s difficulty adjustment mechanism since last 6 months. Still Monacoin couldn’t do enough to protect itself. Every blockchain network adjusts the difficulty level of mining periodically depending on the number of miners involved in network to ensure that mining new blocks is neither too difficult nor too easy. How Monacoin messed up this thing is not clear as of now.
The attack is not happening anymore, but most exchanges have halted Monacoin deposits while developers of Monacoin project fix things behind the scenes. Industry is also watching the development carefully to protect other major blockchain networks from similar attacks, though it becomes much more difficult to carry out such attacks on large networks like Bitcoin and Ethereum.