That’s right, you read that right ladies and gentlemen. A college freshman, crypto enthusiast and security researcher who goes by the handle “geocold51” is coming for your crypto. But he’s not actually planning on stealing any. This keyboard warrior is just out to prove how easy it is.
According to this young savant who seems a tad bit cocky as most millennials are these days, many smaller cryptocurrencies are at great risk of being hacked by the crypto world’s most feared hack – the 51% attack.
CoinBeat has previously reported on the 51% attack, but for those who don’t know, basically, during an attack of this nature, a miner will take over more than half of a particular digital currency’s mining power thus allowing them to erase a previous transaction and replace it with an additional transaction and this is called a “double spend”.
Bigger, top-tier cryptos such as Bitcoin & ETH need not fear this attack due to the fact that their ecosystems have been built up enough to make them resistant to these attacks, but the smaller cryptocurrencies with fewer miners on the network are not as safe.
And with these smaller coin offerings, these attacks are beginning to become more rampant. In a recently published report, Group- 1B found that $20 million worth in crypto theft was achieved using this technique in 2018 alone.
Last Saturday, October 13, our cocky hacker geocold51 decided to demonstrate just how easy it is by live streaming his attempt to 51% attack Bitcoin Private, which is a crypto that has assets close to $47 million market cap!
Geocold51 argued that if a cryptocurrency could be attacked with such minimal effort
“it’s sort of a misvalue of a given currency by different investors.”
The crypto enthusiast also claimed that he spent a measly $100 to get to the point where he would have demonstrated a double spend on bitcoin private but stopped his show & tell as his live stream was pulled by the powers that be.
Once again, to make things crystal clear, geocold51 had no desire to commit theft. Instead, he just set up his demonstration in a way where he could send the bitcoin private coin he owned to two different wallets which he owned, this way ensuring that no-one was actually getting jacked.
For the crypto enthusiast, it was more about showing just how vulnerable many coins are and thus also overvalued.
He went on to explain that, to make a profit via a 51% attack it would only cost a malicious attacker double, around $200 to purchase some bitcoin via an exchange with bitcoin private and then make an additional transaction on the longer chain, thus making the first transaction invalid and thus giving him his bitcoin private coins back and ultimately leaving the exchange short of a few coins.
Despite the fact that going through the exchange process costs more, the 51% attack has, in fact, become more economical due to the advent of cloud computing. According to geocold5 without the availability of cloud computing the attack, he attempted on bitcoin private would have cost as much as $100 000 in hardware.
“Nicehash and the ability to rent hashing power fundamentally changes the landscape of 51% attacks,” explained geocold51 going on to add:
“If there’s not a lot of hashing power to secure it, but there is a lot of value associated with it, that’s where you can do a 51% attack.”
Due to the fact that geocold51 announced his live stream on Reddit, his attempted attack got the attention he wanted with notable names such as Dogecoin creator Jackson Palmer tweeting about streaming the attack.
As we know, the live stream didn’t quite go according to plan and due to this geocold51 claimed he would run another, complete attack at a later stage claiming that he’d reattempt the attack later this week & thereafter release a video of his demonstration on YouTube.
Geocold51’s Crypto Inspiration:
This young security researcher’s handle might ring a bell for some. According to him, geocold51 reckons he drew inspiration from “geohot” who of course was made famous when he jailbroke the original iPhone.
If you were to follow geohot today you’d find that the hacker live streams himself searching for various vulnerabilities and thus geocold51 was born, an enthusiast doing the same for the crypto community.
It must also be noted that geocold51 knows a great deal about cryptocurrencies. Way back when GPU hardware was the lucrative option for hobbyist miners, geocold51 mined a great sum of bitcoin. Following this, he began to trade via Cryptsy right before the exchange’s CEO allegedly disappeared with millions of dollars of user’s funds.
Geocold51 nearly lost all his bitcoin as a result but kept his chin up and interest in the industry too. As the crypto space expanded into thousands of various currencies, geocold51 decided to begin shining some light on the many security issues.
Many other crypto enthusiasts also found interest in geocold51’s interests. His Reddit post gained 1500 upvotes and he managed to raise $888 in donations via Twitch.
Attack Day:
Fun fact, bitcoin private was not geocold51’s first target, geocold51 initially went after einsteinium which is a volunteer-run fork of litecoin which has a $19 million market cap as well as $598, 000 in trading volume per day.
He also announced his intentions publicly and as the researcher was preparing to carry out his attack Twitch views commented on his feed noting that crypto’s hash rate was suddenly spiking.
Due to the fact that geocold51 announced this attack in advance, einsteinium’s community members boosted the hash rate as they were worried that an attack of this nature could have potentially caused a split chain thus creating a second blockchain where people could have ended up stuck on, according to one Ben Kurland, a board member at einsteinium.
During this time, einsteinium was in the process of upgrading their wallets and if users or exchanges did not upgrade their wallets in time the blockchain would have split thus causing property loss to many.
Geocold51 saw the increased hash power and opted to attack bitcoin private instead. He also claims that he as many as 60 000 views during his Twitch live stream before Twitch pulled the plug. The Twitch team later said the shut him down under “the attempts of threats of harm” section found in their community guidelines. This didn’t deter geocold51 as within a half hour he was back up on Stream.Me.
Once geocold51 was broadcasting he recruited miners via Nicehash to assist in mining bitcoin private and actually managed to mine an entire block almost instantly. In record time, geocold51 had control of more than 50% of the hash power found on the blockchain.
Not long after this, an account by the name of “CommunityWatch” entered the stream commenting: “Just a quick question: I’m assuming everything we are doing here is legal?”
Mere minutes after this, geocold51’s feed on Stream.Me was cut. At this point, according to geocold51 he had already had control of around two-thirds of the hash rate on bitcoin private. He also had written an additional transaction onto an offline chain which went into a third wallet over which he had control of.
At this point, geocold51 was ready to send his longer chain to the network, but the entire point of his exercise was to demonstrate just how easy such an attack is but he stopped once his platform was shut down ie once the live stream was cut.
The Protection Within Cryptocurrency Game Theory:
To this day, geocold51 remains determined to carry out his mission and will record his next attack and upload it to YouTube thereafter.
The 51% attack vulnerability is, of course, a worrying issue to many in the crypto community but geocold51 argues that there is indeed another way in which these coins are protected according to cryptocurrency game theory.
Say, for example, if an investor were to suddenly sell any significant amount of the coins, their price would more than likely drop, since the community isn’t very robust and thus doesn’t bare massive amounts of liquidity, thus geocold51 argues that if it’s that easy to purchase hash power & have a network in one’s control, it might not be as lucrative to make money from the attack.
The freshman is, however, fully committed to continuing his work using donations he received to perhaps attack other cryptocurrencies. He claims he might attack cryptcurrencies that have set up countermeasures for these 51% attacks to test them out. Horizen as CoinBeat reported on before, claims to have found a way to disincentivize 51% attacks by the introduction of certain mining penalties.
Of course, geocold51 is all too happy to fail against measures such as this. Running his demonstrations privately and thereafter adding production value to it will perhaps make for better content according to the freshman but he remains disappointed that his original plan didn’t pan out.
He concluded by saying:
“There is something kind of neat about it being live.”
Have you been the victim of a 51% attack? Do you think that geocold51’s work is beneficial to the community? Let us know your thoughts.
Follow CoinBeat on Facebook, Twitter & Telegram
Subscribe to our CoinBeat Newsletter
Submit an article to CoinBeat
View live Marketcap Prices here
Comments