The Steemit Crypto Academy Week 5: All About Blockchain Security

in SteemitCryptoAcademy7 months ago (edited)

steemit.png

divider.png

Course Outline

  • Introduction

  • Wallet Security

  • Private Key
  • Digital Signature

  • Basics of Cryptojacking

  • How to detect and prevent Cryptojacking
  • Dusting Attack

  • Denial of Service Attack (DoS Attack)

  • Distributed Denail of Service Attack (DDoS Attack)

  • Eclipse Attack

  • Conclusion

  • Task

divider.png

Introduction

Since the blockchain is decentralized, there is no central government that controls the activities on it, neither is there a middle man to be held responsible for any flaws (if they occur), which means that we are all responsible for our security as individuals and as entities.

It is true that the blockchain is secured, thanks to cryptography, decentralization, and consensus, but then, there are several security attacks on both individual and corporate entities thereby causing so many people to be vulnerable. Securing a network and wallet is important on the blockchain and in this class, I will be explaining security on the Blockchain in full. My name still remains @gbenga, and I am your distinguished professor for this class.

divider.png

Wallet Security

Your safety in the cryptocurrency world as a user starts with your wallet. A wallet is an app where crypto assets are kept and it can interact with the blockchain at all times 1. Wallets could be custodial or non-custodial, with custodial wallets being wallets that the private key is kept by a third party (especially exchanges) while non-custodial wallets are wallets whose private keys are kept by the owner of the wallet 2. Hardware wallets, software wallets, mobile wallets, paper wallets, and multi-sign wallets, all fall into one of the following; custodial or non-custodial wallets.

You would have noticed that in the explanation above, one thing keeps coming up and that is the Private key. What are private keys?

Private Key

A private key as the name implies, is a set of alphanumeric cryptographic digits which serves as an authority to perform transactions. It is referred to as private because it is should be kept as personal property. For security purposes, the private key is used to prevent theft from unauthorized access to funds 3. Other security features to keep your wallet safe include seed phrases, and mnemonics.

divider.png

Digital Signature

Just like your handwritten signature is needed to approve withdrawals of funds on your account, so is a digital signature required to approve transactions. Digital Signatures are cryptographic fingerprints or signatures used to approve transactions on the blockchain. Digital signatures are important for data integrity, authenticity, and non-repudiation 4

divider.png

Security on the blockchain goes beyond keeping your private key, mnemonic, or seed phrase safe from another user, it goes down to securing your computer, the network, and so on. So, let's do justice to the topic "All About Blockchain Security"

Basics of Cryptojacking

Would you have ever thought that someone could be using your computer power to mine cryptocurrency without your approval or you knowing about it? Cryptojacking is the unauthorized use of an infected computer through malicious ways by cybercriminals to mine cryptocurrencies without the knowledge of the victim 5. This is often achieved by tricking the victim install software into their computer. The software uses the computing power of the computer to mine cryptocurrency.

This is often achieved when victims click on phishing links which allows them to install the mining code which runs a crypto mining script on the computer. Another way is to inject the script on ads, and once the victim clicks on the ads, the script automatically begins to work and mining occurs without the knowledge of the victim.

How to detect and prevent Cryptojacking

As usual, it is better to prevent than to cure, and in preventing yourself or your organization from being a prey to cryptojacking, you have to do the following thing;

  • Download an ads blocker
  • Do not click on links you are not certain about.
  • Limit chats with people you are not familiar with but come with a profitable link to click on
  • Do not download applications that are not from a trusted source.
  • If you are not using your computer for any form of crypto mining, then you can download an anti-crypto mining extension on your web browser
  • Disabling Java script while browsing is another way to prevent cryptojacking.

We can never be too careful and in some cases, people can fall victims to crypto-jacking and when this happens, it is best to find a solution to it. Detecting crypto-jacking can be very difficult and when not detected, it could cause a lot of loss for both individuals and organizations. There are a few ways to detect cryptojacking and they include;

  • Overheating
  • Decrease in Performance
  • Increase in CPU usage
  • Using artificial intelligence such as SecB to detect cryptojacking

After detecting, the next step is to find a solution and in doing that, a few steps can be taking such as;

  • Delete script related to cryptojacking
  • Block website-delivered scripts on your browser.
  • Update the browser being infected or the operating system being infected.

divider.png

Dusting Attack

Have you received tiny amounts of crypto assets in your wallet and you become really happy? With Dusting Attack, cyber attackers send a tiny amount of coins to wallets and use this tiny asset is traced along with the other coins so as to determine the owner of the wallet. If you have a wallet with little funds, you might notice the transfer but for wallets with large funds, they would not notice this tiny amount of funds. After sending the tiny funds, the cyber attackers start to monitor the transfers done on these wallets to identify the owners of the wallet. Once the owners of these wallets are identified, phishing links are sent to the wallet owners 6

divider.png

Denial of Service Attack (DoS Attack)

This is an attack by cyber attackers on a network or web thereby hindering the use of the service provided by the network or web. DoS requires overloading the network with excessive requests thereby making the service misbehave or crash.

Distributed Denial of Service Attack (DoS Attack)

Unlike the DoS, DDoS is an attack on a service from several malicious sources instead of from one source. DDoS has been very common in the cryptocurrency world, although it cannot change transactions on the chain, it can affect servers of companies that utilizes the blockchain. eg, crypto exchanges.

divider.png

Eclipse Attack

There have been several attacks trying to break decentralization and Eclipse Attack is one of them. With Eclipse attack, certain nodes are attacked/isolated thereby preventing them from seeing the real chain and activities going on them. The major purpose of eclipse attack is aimed at double spending there are two types of double spendings; 0-confirmation double spends, and N-confirmation double spends. With doubble spending, attackers are able to profit from the Eclipse attack 7.

With double spending and Eclipse attack, an attacker can isolate a node and then send coins to both the running nodes and the isolated nodes at the same time thereby causing double spending. In cases where the transaction needs immediate conversion for other coins, the attacker sends the double spent coin and if the victim doesn't wait for confirmations, the coin doesn't get confirmed and cancelled as other active nodes will correct the eclipsed node.

divider.png

Conclusion

Individuals and enterprises need to keep their wallets, servers, nodes, and platforms safe from attackers, there are malicious attackers everywhere. For individuals, keeping your private key, mnemonic and seed phrase is a major security safety tip but there are more things to keep safe in other not to lose our funds to attackers.

divider.png

Task

Make a Post about a Security problem with Cryptocurrency and Share a personal experience if possible.

The Rules

  • Everyone is eligible to participate in this task.
  • The Post should be a minimum of 300 words and should be submitted in the crypto-academy community for visibility.
  • You should include the exclusive tag #gbenga-week5, #cryptoacademy, and a tag of your country (for example #nigeria).
  • Post should be your original content. Show references for images used when writing your post.
  • Task runs until Sunday, March 14th, 2021

divider.png

Image Credit

meidum
medium
globalsign
le-vpn
ruggedtooling

Sort:  
 6 months ago 

Hello again @gbenga, this is my post and task of the week. Sorry for delay, I had some internet problems at home this week.

https://steemit.com/hive-108451/@allbert/the-steemit-crypto-academy-week-5-gbenga-all-about-blockchain-security-security-problem-with-cryptocurrency

 6 months ago 
 6 months ago 
 6 months ago 

Dear professor @gbenga, I've submitted my task 5 link for review earlier a few days ago. This is to remind you about it again. Thank you sir.

https://steemit.com/hive-108451/@fredquantum/steemit-crypto-academy-week-5-task-all-about-blockchain-security-security-problem-with-cryptocurrency-or-lecture-by-gbenga

Hello Prof @gbenga

This is my homework for your review please and I have shared it on Twitter as well for more attention. Thank you.

https://steemit.com/hive-108451/@alokkumar121/crypto-academy-week-5-homework-post-for-gbenga-all-about-blockchain-security

Hello Prof @gbenga
Good day. Appreciate if you can please review my homework. Thanks.

Hello prof. Thanks for the write up. Here is my link to my homework week 5task. https://steemit.com/hive-108451/@chant/crypto-academy-week-5-homework-post-for-gbenga

Weldone sir, I hope you are good. Please this write was vetted by you. Please kindly do so as the post expires tomorrow.
Steemit Crypto Academy Week 4// Projects on the Etherum blockchain // Submitted to @gbenga

Thanx

Buenas noche, soy nueva en Steemit, bueno llevo como 3 semanas, todavia ando estudiando o aprendiendo con se maneja esta plataforma.. Aquí le dejo mi link para que me apoyen

https://steemit.com/hive-193637/@yorianajsg/dia-internacional-de-la-mujer-venezuela

Gracias 🌹 🌹 🌹

 7 months ago 

Hello professor @gbenga, sorry for the inconvenience, I have two questions.

Can I post my homework in Spanish?

And I would like to be able to translate your publication for the Spanish speaking community, I will give you all the credits :)

Thank you very much for your work in the Steemit community!!

Hello dear friend please feel free to share your content in Spanish, I will be glad to check it out.

 6 months ago 

Thanks professor!

  • Here is the translation of this post:

LINK

 7 months ago 

Hello professor... Thank you for this week's session. The lesson was helpful.
Here is my homework entry

https://steemit.com/hive-108451/@senicbliss/steem-crypto-academy-week-5-homework-post-for-gbenga-all-about-blockchain-security

Hello, I am sorry for not replying to your post. I actually checked it out but the language barrier was why I didn't reply on it but I will reply soon.

Excuse me sir @gbenga maybe you can use word translator to read it, it's an app that translates any language to English ones you install it in your phone

I hope this can be helpful 🙌

muchas gracias profesor.. de verda muchas gracias...

Hello Sir, @gbenga
I have read your lecture, you have given detail in good way that anyone can understand it easily. Here is my homework week 5.
https://steemit.com/hive-108451/@azamrai/crypto-academy-week-5-homework-post-for-gbenga

Hola Profe, buen día! quería saber si no he sido corregida por algun error para tomarlo en cuenta la proxima tarea! o sólo no ha revisado algunas y las que escogí al azar estaban revisadas por casualidad! me da mucha curiosidad, saludos!

 7 months ago 

Beautiful writeup Prof, I really got to understand new terminologies. below is my research homework,
https://steemit.com/hive-108451/@hadassah26/crypto-academy-week-5-homework-post-for-gbenga-on-all-about-blockchain-security-by-me-hadassah26
Thanks.

 7 months ago 

Thank you professor @gbenga for this amazing lesson in Blockchain security. The lesson is really informative. Kindly review my home work task
https://steemit.com/hive-108451/@reminiscence01/homework-task-week-5-for-professor-gbenga-or-blockchain-security-or

Hello professor @gbenga, I have a question, is it mandatory for the professor to review the homework? I observed in a publication that if an assignment is not reviewed you can tell the teacher crypto, I have done all the tasks now I go for the number 5. This is the previous one without revision: https://steemit.com/hive-108451/@tanhunter254/the-steemit-crypto-academy-week-4-gbenga-homework-task-localethereum-localcryptos-esp-eng . Greetings and good wishes.

Thank you so much for this information.

Good morning Professor @gbenga. Thank you so much for this lecture. I'm enlightened. I've been able to learn alot about security on Cryptocurrency blockchain. Here's my homework submission https://steemit.com/hive-108451/@graciee20/the-steemit-crypto-academy-week-5-task-gbenga-a-post-about-a-security-problem-with-cryptocurrency-by-graciee20

Hello Professor @gbenga

Here is my Submission for Homework Week #5

https://steemit.com/hive-108451/@hassanabid/crypto-academy-week-5-homework-post-for-gbenga-or-security-problems-with-cryptocurrency-or-phishing-keylogging-rat-explained

Thankyou so much for explaining people about These different Attacks !
However i have also mentioned some common attacks which may help people to prevent from opening links/apps from unknown sources.

Hello professor @gbenga, thanks for the class and an assignment that a lot of us can relate with.

This is the link to my assignment:

https://steemit.com/hive-108451/@oluwatobiloba/steemit-crypto-academy-week-5-newbies-keep-loosing-funds-to-scammers

hello teacher greetings this is my homework 3 that I never check myself please look at it when you have time.. https://steemit.com/hive-108451/@eward2930/crypto-academy-week-3-homework-post-for-gbenga-eng

hello teacher greetings this is my homework 4 from last week that you did not see it .. please if you have time will you be able to look at it? .. thanks and greetings https://steemit.com/hive-108451/@gaby20/crypto-academy-week-4-homework-post-for-gbenga

Dear sir, It is requested that please review my week 4 post. In case it is not reviewed today, I am sure it will not be curated and it will expire. I requested 2 days ago and you replied but still it is not reviewed. This is going to hurt me lot.

Screenshot_20210311-073743.jpg

https://steemit.com/hive-108451/@babawattoo/crypto-academy-week4-homework-post-for-gbenga

I have done another this week homework this week again @gbenga hope it will not just go like last week homework
https://steemit.com/hive-108451/@cryptocheta/crypto-academy-week-5-homework-post-for-professor-gbenga-all-about-blockchain-security-by-cryptocheta

You did a nice lecture sir. It was as if I should not end the reading.
Anyways I did my homework sir, and here is the post link.
https://steemit.com/hive-108451/@prolee/steemit-crypto-academy-or-homework-task-5-by-prof-gbenga-or-all-about-blockchain-security-or-written-by-prolee

Waoo, Prof. @gbenga, this a very important part of cryptocurrency adoption. Thank you for this lecture.

 7 months ago 

Good morning @gbenga. Please my task 4 have'nt been reviewed. I submitted 5 days ago. Here is the link below.
https://steemit.com/hive-108451/@reminiscence01/homework-task-week4-for-professor-gbenga-or-ethereum-blockchain-or-chainlink-or

Hello dear Professor @gbenga, I hope you can see my assignment for week #5 Topic: All About Blockchain Security. By: @tanhunter254 . Greetings and good wishes to you.


imagen.png

Compartido en Twitter: Tweet-link
imagen.png

Dear sir @gbenga I have done my home work task for week 5.

Here is my Submission

Please check it out ..

 7 months ago 

Hello sir
this is your really very very helpful tutorial for me e because I had no idea about couple of security issues you have discussed on your article like cryptojacking.For such kind of problem prevention is better than cure really as you have explained. I have gone through all the security issues to have a good idea about security of Crypto wallet. thank you very much for sharing such a important article to us. I hope to participate with one of my personal experience soon.
#affable #twopercent #bangladesh

Well done Prof. Please my last week homework 4 wasnt considered, please give it a view. Thanks

Steemit Crypto Academy Week 4// The Etherum blockchain // Submitted to @gbenga

 6 months ago 

Man is learning here. Thanks.

hello professor this is my new post I hope this is a little better Thank you for your constructive criticism .. greetings https://steemit.com/hive-108451/@gaby20/publicacion-de-tareas-de-la-semana-5-de-crypto-academy-para-gbenga-por-gaby20-esp-eng

Thanks for such detailed lecture. Here is my homework post week 5. Please review it.

https://steemit.com/hive-108451/@mawattoo8/crypto-academy-week-5-homework-post-for-gbenga

Thank you for another opportunity @gbenga

This is my submission for the homework task for week 5

https://steempeak.com/hive-108451/@mandate/crypto-academy-week-5-homework-post-for-gbenga

Hi,
Dear Professor @gbenga
You are requested to have look on my assignment task.
Here it is :: https://steemit.com/hive-108451/@eh-shohag/crypto-academy-week-5-homework-post-for-gbenga

 6 months ago (edited)