Hackers have come up with a new type of attack on bitcoin exchanges

In total, experts have identified several types of such attacks. For example:

A transaction appears in the liquidity pool, but it is not included in the block due to its replacement by an attacker;

The transaction falls into the block, but cannot be executed due to the specified deliberately incorrect logic parameter;

The transfer of funds is accounted for several times, creating double costs;

A fork of the network occurs when a block and a transaction in it become invalid;

The translation is withdrawn.

The latter method was used by hackers to steal tokens in The Open Network (TON), taking advantage of the properties of the blockchain. Experts point out that almost all internal messages between smart contracts on this network should be "rejected".

As a result, attackers conduct transactions through an account without a contract and, knowingly setting the "refund" option, receive their funds back minus commissions. At the same time, the exchange system manages to credit them with the withdrawn transfer.

To avoid further collapse, experts advise exchanges to introduce several security measures. In particular, they should introduce a mechanism for multiple confirmations, activate strict comparison of transactions, and create risk control systems. In addition, it is recommended to use manual verification of large transfers, as well as to introduce time limits on the withdrawal of deposited funds.

In total, in the first half of the year, cryptocurrency hackers successfully laundered about $244.5 million in cryptocurrency. Most of all, the attackers laundered as part of the hacking of the Harmony Bridge cross-chain bridge (about $ 100 million).

In second place is the incident around the Atomic Wallet: here hackers were able to launder $65 million, although according to Elliptic, about $100 million was stolen.