- The Cardano blockchain successfully mitigated a sophisticated DDoS attack aimed at disrupting operations and stealing staked tokens, thanks to swift action from its developers.
- In response, Cardano is working on a node upgrade to prevent future attacks, showcasing its resilience and commitment to security.
The Cardano blockchain has recently demonstrated its resilience in the face of a significant cyber threat. On June 25th, the network successfully mitigated a distributed denial-of-service (DDoS) attack aimed at disrupting its operations and stealing staked tokens. Despite the sophisticated nature of the attack, which involved executing numerous smart contracts within each transaction, the network continued to function seamlessly.
The attack, initiated at block 10,487,530, saw each transaction executing 194 smart contracts, with the attacker spending 0.9 ADA per transaction to flood the network. This attempt to overload the system was thwarted shortly after it began, thanks to the quick response from the Cardano developer community. Raul Antonio, the chief technology officer of Fluid Tokens, noted the attack’s intention to manipulate the blockchain into charging lower fees for high-value transactions, potentially leading to the theft of staked Cardano.
Developer Swiftly Halts Attack
Philip Disarro, founder of Cardano development firm Anastasia, played a crucial role in halting the attack. He explained that by deregistering the stake credential used by the attacker, the attack could be stopped immediately. Disarro’s timely intervention on social media led to the attacker ceasing their efforts to protect their funds. However, by that time, it was already too late for the attacker, and their funds were being reclaimed by the developers.
Disarro highlighted that the attack was not merely a random attempt to steal tokens but a calculated effort to exploit the network’s current transaction fee structure. “The idea behind this attack is to take advantage of the fact that the size of reference scripts currently does not impact the transaction fee, but it does impact the work that validators have to do to process the transaction,” he explained. The attacker, ironically, ended up contributing to the open-source smart contract development work instead of damaging the ecosystem.
In response to the incident, the Cardano developer community has been working on a node upgrade to prevent similar attacks in the future. Intersect, a member-based organization within the Cardano ecosystem, confirmed the attack and expressed gratitude for the swift resolution provided by the developers. The network experienced higher than normal load, but the performance remained stable, and no staked tokens were compromised.
Intersect has assured the community that once a thoroughly tested and independently audited solution is ready, a new node version will be released for stake pool operators to upgrade to. This proactive approach underscores Cardano’s commitment to maintaining a secure and robust blockchain network.
Update: DDOSer halted his attack after reading my tweet in an effort to protect his funds. Alas, they were too late and the pillaging of their funds is already in progress.
— phil (@phil_uplc) June 25, 2024
Thanks for the free money moron.
Truly iconic that the attacker who presumably wanted to damage the…
Cardano’s ADA token saw a slight increase of 0.4% following the incident, trading at 38 cents in the Asian morning hours, reflecting market confidence in the network’s resilience and security measures.
