Skip to content ↓ | Skip to navigation ↓

Bitcoin is so far the most successful cryptocurrency. Nevertheless, just like other cryptocurrencies, Bitcoin has seen prices drop dramatically for the past few months. Price volatility remains one of the most significant challenges facing all cryptocurrencies, as they try to navigate a tricky ecosystem towards being recognized as a world currency.

Virtual currencies also faces some serious security concerns and risks, such as the safety of wallets, double-spending, growing vulnerability to orchestrated attacks on Bitcoin exchanges, and fears of rogue miners engaging in selfish mining. These concerns that can be destructive towards Bitcoin are also real towards any other cryptocurrency, though not particularly in the same manner.

Here’s a brief rundown of some of these concerns.

Vulnerable Wallets

There is a real vulnerability of Bitcoin wallets when it comes to hacking attacks and theft. A report by a team of researchers from Edinburgh University said they found weak spots in hardware wallets that can be exploited. According to the same research, even the heavily encrypted hardware wallets were still vulnerable due to that loophole.

Using malware, the scientists were able to intercept communication between the wallet and PCs. This security breach affects the privacy of Bitcoin users because their funds can easily be diverted to different accounts.

Hackers and Cyber-Attacks

The potential for a crippling attack directed at Bitcoin exchanges remains real. There have been significant attacks on exchanges before, but though Bitcoin’s value slumped afterward, fears still abound of one that may completely cripple the popular cryptocurrency. We are not talking about an attack on the blockchain itself; that is almost a non-starter.

It is hacking major Bitcoin exchanges on the scale of Mt. Gox that I am thinking of. Reports circulated widely after the 2014 Mt. Gox heist indicates that hackers had been trying to get into the system for almost a year. When they did, they made off with 850,000 Bitcoins. At today’s value, that would be $7.2 billion.

Mt. Gox never recovered from the attack and filed for bankruptcy. Other major Exchanges like Bitfinex remain under threat, which is a security concern, too.

Bitcoin is also threatened by Distributed Denial of Service (DDoS) attacks. A report by Imperva indicated that Bitcoin Exchanges had become favorites for DDoS attacks. The frequency is increasing, with Bitfinex, one of the largest exchanges, reporting that it had faced repeated DDoS attacks towards the end of 2017.

Selfish Mining

Bitcoin’s continued use of proof-of-work consensus mechanism has another underlying threat. With some mining pools becoming powerful enough to command significant mining ratios, they may engage in selfish mining.

Also called block withholding, a pool may use their computational power to mine a block and then hide it from honest miners instead of broadcasting the new block to the network.

The selfish pool then attempts to find the second block while the rest grope in the dark. If the greedy miners manage to find a new block before the other miners, then broadcasting the two blocks makes the forked chain the longest. The selfish miners will be ahead of the other miners, getting all the rewards.

Such conspiracies, on a large scale, can be combined with the Sybil attack to cause considerable harm to mining because selfish miners can then use their power to invalidate transactions on the network.

Double Spending

Although reinforcements have been instituted to mitigate this severe concern, fears still abound concerning this transaction risk to Bitcoin. Bitcoin is becoming increasingly sturdier against coordinated double-spends.

However, some people might still be able to constitute attacks that would make them benefit from using the same coin twice in the same transaction. For instance, Bob purchases items from Alice and sends Alice x bitcoins.

At the same time, Bob executes a similar transaction to an address he controls using the same Bitcoins. Though Alice may believe that Bob has sent the money and may not bother to confirm, Bob’s address may be credited with the transaction while Alice’s won’t get the contemplated transaction.

Irreversibility then makes it pointless for Alice to get the transaction invalidated. And there is no recourse because Bitcoin is unregulated.

51 Percent Attacks

The so-called over 50 percent or 51 percent attack is a security concern for Bitcoin though not one that is easy to carry out. The increasing difficulty of mining Bitcoin has meant that miners get into pools to harmonize their computational power.

When a pool becomes too powerful that it can manage to command over 50 percent of the mining power, it then poses a threat to Bitcoin’s network. If a group were to get this much power, then it could go on to manipulate transactions by either mining “invalid” blocks or double-spending.

The use of ASICS mining rigs means a majority of miners can only do it through pools. Some of the pools have so much power that it can be misused.

For instance, Antpool, the Chinese mining pool operated by Bitmain Tech., controls about 27 percent of the computational power. If it were to conspire with another pool, the combined force would be dangerously close to 50 percent.

Getting to that magic number would be a concern to Bitcoin users. However, genuine miners will always see the need to remain prudent. Fifty-one percent attacks are therefore unlikely to happen.

The security concerns and risks facing Bitcoin are majorly related to the use of Bitcoin and not of the blockchain network. Most of them can, therefore, be remedied so as not to exacerbate problems associated with the cryptocurrency. All Bitcoin investors should be aware of these concerns and how they can affect investments.


Mark SchwarzAbout the Author: Mark Schwaz is a crypto expert and author of You can find him on Twitter here.

Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.