FTC users lose millions after a 51% attack
Summary
In May 2013, Feathercoin was attacked by a 51% attack that resulted in the loss of millions of dollars. The attack was carried out by an attacker who was able to gain control of more than 51% of the network’s computing power. The attack lasted for several days, during which the attacker was able to reverse transactions that had been completed while they were in control. The attacker was able to reverse transactions and double-spend coins, resulting in a significant loss for Feathercoin users. The attack was likely caused by a combination of factors, including Feathercoin’s vulnerable hashing algorithm, a lack of diversity in the mining hash rate, a vulnerable difficulty adjustment algorithm, and a lack of effective communication between the Feathercoin developers and the community.
Attackers
There are a few theories about who might have been behind the attack. One theory is that it was a group of miners who were trying to make a profit by double-spending transactions, which allowed them to steal a significant amount of funds from exchanges and individual users. Another theory is that it was a group of hackers who were trying to damage the reputation of Feathercoin. It is also possible that the attack was simply a prank.
Despite efforts to identify the attackers, no one has ever been publicly identified or prosecuted for the Feathercoin attack.
Losses
The total amount of losses that were incurred during the attack is unknown. However, it is estimated that the losses were in the millions of dollars.
Timeline
Context: FTC’s hashrate had been steadily declining due to the increasing popularity of other altcoins, making it easier for an attacker to perform a 51% attack.
- May 23, 2013: Feathercoin undergoes a hard fork to reduce the difficulty.
- May 24, 2013: A mining pool solves a block, but then the block is orphaned by someone mining from a vanity address, “feathercoinsucks.” This suggests it was a malicious attack to undermine the coin.
- May 25, 2013: The attack begins. The hash rate on the Feathercoin network increases dramatically, from 0.2 Gigahashes/sec to 1.5 Gigahashes/sec.
- May 26, 2013: The attack continues. The attacker orphans every single block, preventing new transactions from gaining confirmations. The attacker was able to reverse transactions that had been completed while they were in control.
- May 27, 2013: The attack ends. The hash rate on the Feathercoin network drops back down to normal levels.
Security Failure Causes
- Feathercoin’s hashing algorithm: Feathercoin, like many other cryptocurrencies, used a hashing algorithm called “scrypt” to secure its network. However, the scrypt algorithm was not designed to prevent 51% attacks, and it was vulnerable to attacks by individuals or groups with significant computing power.
- A lack of diversity in the mining hash rate: The Feathercoin network was dominated by a small number of mining pools. The network did not have a sufficient number of nodes, which made it easier for the attacker to take control of the network’s computing power.
- Vulnerable difficulty adjustment algorithm: The Feathercoin difficulty adjustment algorithm was vulnerable to manipulation. This allowed the attacker to quickly increase the difficulty of mining, making it more difficult for other miners to compete.
- Lack of communication between the Feathercoin developers and the community: The Feathercoin developers did not communicate effectively with the community about the security risks of the project. This made it difficult for users to take steps to protect themselves from attack.
As a result of these security failures, the attacker was able to take control of more than 51% of the network’s computing power and carry out a double-spending attack, resulting in a significant loss for Feathercoin users.