Krypton (KR) suffers a 51% attack in August 2016

Summary

Krypton, an Ethereum-based blockchain, experienced a 51% attack in August 2016. The attackers were able to control more than half of the network’s hash rate, enabling them to manipulate the blockchain and double-spend KR tokens.

Attackers

The identity of the attackers remains unknown.

Losses

It was reported that the attackers managed to steal approximately 21,465 KR tokens, which had a value of about $3,000 at the time of the attack.

Timeline

  • August, 2016: Attacker(s) sent more than 21 thousand Krypton (KR) tokens to the Bittrex crypto exchange, sold them for bitcoin
  • August, 2016: Attacker(s) bought additional hashing power from online rental service Nicehash, and joined the 4miners mining pool
  • August, 2016: Attacker(s) simultaneously launched a distributed denial-of-service attack on the Supernova mining pool and Krypton’s statistics servers.
  • August, 2016: Attacker(s) used the majority hashing power to roll back the transactions.

Security Failure Causes

  • Lack of Decentralization: Similar to other 51% attacks, the Krypton network suffered from a lack of decentralization in its mining power. This allowed the attackers to easily gain control over the network.
  • Low Network Hash Rate: At the time, Krypton was a relatively small cryptocurrency, with a low network hash rate, making it an easy target for attackers.