Extorsionware: Exploiting Smart Contract Vulnerabilities for Fun and Profit
Alessandro Brighente, Mauro Conti, Sathish Kumar
TL;DR
This paper introduces extorsionware, a novel attack exploiting vulnerabilities in smart contracts to extort victims by controlling their assets and demanding payment for re-establishing control.
Contribution
It presents a new attack method that leverages smart contract vulnerabilities for extortion, highlighting a novel security threat in blockchain systems.
Findings
Demonstrates the feasibility of extorsionware attacks on vulnerable smart contracts
Shows how attackers can control assets and demand payments from victims
Highlights the need for improved smart contract security measures
Abstract
Smart Contracts (SCs) publicly deployed on blockchain have been shown to include multiple vulnerabilities, which can be maliciously exploited by users. In this paper, we present extorsionware, a novel attack exploiting the public nature of vulnerable SCs to gain control over the victim's SC assets. Thanks to the control gained over the SC, the attacker obliges the victim to pay a price to re-gain exclusive control of the SC.
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsBlockchain Technology Applications and Security · Spam and Phishing Detection · Internet Traffic Analysis and Secure E-voting