Data theft has become a major predicament in the world today. The attackers haven’t even spared Monero, a network built on privacy. Since the data pertaining to transactions as well as user information remain in the wraps of the Monero network, everything that happens in the network is almost masked. However, the efforts of the hacker were considered to have failed, as they had almost no impact on the Monero network.
Monero’s Riccardo Spagni Calls Attacker Incompetent
Privacy centric network, Monero was recently subject to dainty distress following an individual’s attempt to pry into the network. Elaborating on the recent attack, Monero took to Reddit and pointed out that a batch of malicious nodes was discovered. These nodes were reportedly trying to meddle with the network. The attacker was attempting to employ a Sybil attack on the network by striving to correlate the transactions to the IP addresses of the node that broadcasts it.
The network identified and listed the activities of the nodes that led to suspicion. This list included active injection into the peerlists of honest nodes, exploitation of bugs to make sure malicious nodes replace honest nodes in the peerlist, mirroring block heights of the nodes, and concealing of data pertaining to these nodes, recording and associating IPs with certain kinds of transactions along with several others.
In the Reddit post, Monero affirmed that nothing was compromised on the network as the attack had zero effect on stealth addresses, masked amounts as well as ring signatures. Riccardo Spagni aka fluffy pony shared an array of tweets assuring the users of the network that no data was compromised as the attacker was mostly incompetent. His tweet read,
While the Sybil attack is easier to execute on other currencies, attacking the privacy-centric network Monero is rather difficult. Nevertheless, Monero’s built-in solution, Dandelion++ came to the network’s rescue and lowered the impact of the attack on it. Detailing on the functions of Dandelion++, Spagni tweeted,
“Without getting technical, Dandelion++ works by randomly “diffusing” transaction broadcasts. This means that for a Sybil attack to link a transaction to a node’s IP address it has to be intercepted at the very first node in the “stem” phase of a Dandelion++ broadcast.”
Spagni further added that steering away from the incompetency of the attacker, the attack was not large enough to disrupt the network against Dandelion++ as the attacker would have to launch thousands of nodes to do so.