The future of cyber crime is smart contracts on a blockchain with software bugs!
Dan Goodin has an article explaining how a bug (flaw) in the code for drafting a blockchain smart contract, by MonoX Finance, allowed a hacker to steal $31million from them.
Really stupid “smart contract” bug let hackers steal $31 million in digital coin | Ars Technica
At this point I am reminded of the scene in Ocean’s 11, where Saul Bloom (Carl Reiner) asks how they will carry $150million out of the vault. If it had been on a blockchain then very easily!
This hack was made possible because of an undetected vulnerability in the contract drafting software and as we all know it is nearly impossible to write software without something in it that the hackers can exploit. That why we have Patch Tuesday, that’s why every cyber security expert goes on and on about updating and patching. You have to get in there before the bad actors exploit a loophole.
In this case MonoX Finance and their developers were too slow to the tune of $31million.
During the Masters course at Napier University smart contracts were discussed as a way of using blockchain technology for something more than just cryptocurrency. This is a link to a YouTube presentation by Professor Bill Buchanan OBE, of Edinburgh Napier University in which he discusses the future use of smart contracts and how it can support privacy. (I have set it to the point Bill looks at smart contracts but it is worth watching from the beginning if you are interested in future technologies.)
This incident shows we have some way to go yet.
Clive Catton MSc (Cyber Security) – by-line and other articles
Smart Contract Bug Results in $31 Million Loss – Schneier on Security