TLGUt5 Tron Contract Hacked
Notice: This page is a freshly imported case study from the original repository. The original content was in a different format, and may not have relevant information for all sections. Please help restructure the content by moving information from the 'About' section to other sections, and add any missing information or sources you can find. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.
A TRON DApp contract whose address begins with TLGUt5 had a small amount of funds drained through a "rollback attack", which is a similar concept to a 51% attack, in which an attacker amasses enough miners to take over the chain and roll back their own transactions. The amount stolen was small.
This is a global/international case not involving a specific country.
About TLGUt5
"TPSHfJ has initiated 'transaction rollback' attacks on a DApp contract address which starts with TLGUt5, through creating the contract."
"The PeckShield security risk-control platform DAppShield detected that at 6:38 this morning, a hacker at the address beginning with TPSHfJ launched multiple transaction rollback attacks on the DApp contract address beginning with TLGUt5 by creating attack contracts. So far, 45,200 TRX has been taken in profit, and the balance of the attacked contract has almost fallen to zero. PeckShield security personnel analyzed that the contract's draw happens on chain and in the same transaction, so it is vulnerable to rollback attacks. Prior to this, PeckShield has disclosed multiple incidents of transaction rollback attacks on TRON DApps. PeckShield hereby reminds DApp developers that they should be alert to the continued spread of such transaction rollback attacks, filter contract players, and contact security vendors in time to avoid greater losses of digital assets."
"In programming, a rollback or reversal is the operation of restoring a database to a previous state by canceling a specific transaction or set of transactions. Reversals are performed automatically by the database systems or manually by the users."
"In general, the only way that should exist in a blockchain to make a reversal of transactions in a contract that happened days ago is by means of a hard fork."
"In general, rollback transactions can be used to delete all data modifications made since the beginning of the transaction or since a savepoint. It also releases resources held by the transaction. It is very common to use it in a “soft fork” to correct unwanted or unplanned changes that occurred within the chain of blocks."
"Tron, in its exception manual for programmers, includes the assert-style and require-style cases in the Tron Virtual Machine (TVM) that generate a rollback, in order to preserve the atomicity of the transaction."
"This would mean that any owner of the coins could vote to revert the state to a given block number and would then have to attract enough miners to run this network."
"The attacker launched multiple rollback attacks on the DApp contract address beginning with TLGUt5. So far, it has gained 45,200 TRX, and the balance of the attacked contract is almost zero."
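The PeckShield notice above pins the weakness on the draw being resolved on chain in the same transaction as the stake. The Python model below is an added illustration and is not code from the TLGUt5 contract, from PeckShield or from TRON; the toy ledger, the `DICE` account, the 45% odds, the `STAKE` and the `is_contract` flag are all constructed. It shows why a caller that can revert its own transaction keeps only winning bets against such a contract, and two of the mitigations the notice implies: rejecting contract callers, and settling in a later transaction against a block hash fixed at bet time, so that reverting the settlement changes nothing.

```python
import copy
import hashlib

DICE = "dice-contract"  # hypothetical game account, constructed for this example
STAKE = 10
WIN_THRESHOLD = 45      # constructed odds: roll in 0..99, below 45 pays 2x the stake


class Revert(Exception):
    """Mirrors a TVM revert: every state change made by the transaction is discarded."""


class Chain:
    """Toy ledger (constructed): one transaction per block, atomic state changes."""

    def __init__(self, balances):
        self.balances = dict(balances)
        self.storage = {}
        self.height = 0  # number of the block the next transaction lands in

    def block_hash(self, number):
        # Stand-in for a block hash; all that matters is that it is fixed per block.
        return hashlib.sha256(f"block:{number}".encode()).hexdigest()

    def execute(self, tx):
        """Run tx(chain) as one transaction. A reverted transaction still occupies
        a block, but its balance and storage changes are rolled back."""
        snapshot = (dict(self.balances), copy.deepcopy(self.storage))
        try:
            result = tx(self)
        except Revert:
            self.balances, self.storage = snapshot
            result = None
        self.height += 1
        return result

    def transfer(self, src, dst, amount):
        if self.balances.get(src, 0) < amount:
            raise Revert("insufficient funds")
        self.balances[src] -= amount
        self.balances[dst] = self.balances.get(dst, 0) + amount


def roll(seed):
    return int(hashlib.sha256(seed.encode()).hexdigest(), 16) % 100


# --- Vulnerable pattern: stake and draw are resolved in the same transaction ---------
def vulnerable_bet(chain, player):
    chain.transfer(player, DICE, STAKE)
    # Which entropy the game uses is irrelevant: the caller sees the outcome before commit.
    won = roll(f"{chain.height}:{player}") < WIN_THRESHOLD
    if won:
        chain.transfer(DICE, player, 2 * STAKE)
    return won


def rollback_attack(chain, attacker, rounds):
    """Attacking-contract pattern: call the game and revert the whole transaction on a
    loss, so only winning bets are ever committed to state."""
    wins = 0
    for _ in range(rounds):
        def attack_tx(c):
            if not vulnerable_bet(c, attacker):
                raise Revert("lost: undo the stake")
            return True
        if chain.execute(attack_tx):
            wins += 1
    return wins


def simulate_rollback_attack(rounds=30):
    chain = Chain({"attacker": 1000, DICE: 1000})
    wins = rollback_attack(chain, "attacker", rounds)
    return wins, chain.balances["attacker"], chain.balances[DICE]


# --- Hardened pattern: escrow first, decide later from a block fixed at bet time -------
def place_bet(chain, player, is_contract):
    """Tx 1: reject contract callers, take the stake, record the deciding block."""
    if is_contract:
        raise Revert("contract callers are not accepted")
    pending = chain.storage.setdefault("pending", {})
    if player in pending:
        raise Revert("bet already pending")
    chain.transfer(player, DICE, STAKE)
    pending[player] = chain.height + 1  # the hash of this later block decides the bet
    return True


def settle_bet(chain, player):
    """Tx 2: the outcome depends only on the recorded block hash, so reverting this
    transaction leaves the stake escrowed and the same outcome still waiting."""
    pending = chain.storage.setdefault("pending", {})
    if player not in pending:
        raise Revert("no pending bet")
    deciding_block = pending[player]
    if chain.height <= deciding_block:
        raise Revert("deciding block not produced yet")
    del pending[player]
    won = roll(f"{chain.block_hash(deciding_block)}:{player}") < WIN_THRESHOLD
    if won:
        chain.transfer(DICE, player, 2 * STAKE)
    return won


def simulate_hardened_attack(attempts=5):
    """Attacker escrows from an ordinary account, then retries revert-on-loss
    settlement; every attempt observes the same outcome."""
    chain = Chain({"attacker": 1000, DICE: 1000})
    placed = chain.execute(lambda c: place_bet(c, "attacker", is_contract=False))
    chain.execute(lambda c: None)  # an empty block so the deciding block exists
    outcomes = []
    for _ in range(attempts):
        def attack_tx(c):
            won = settle_bet(c, "attacker")
            outcomes.append(won)  # kept outside chain state, so it survives the revert
            if not won:
                raise Revert("lost: try again later")
            return True
        if chain.execute(attack_tx):
            break
    return placed, outcomes, chain.balances["attacker"]


def contract_caller_rejected():
    chain = Chain({"attacker-contract": 1000, DICE: 1000})
    result = chain.execute(lambda c: place_bet(c, "attacker-contract", is_contract=True))
    return result is None and chain.balances["attacker-contract"] == 1000
```

Against `vulnerable_bet` the attacker's balance can only go up, because every losing stake is undone by the revert. Against the two-phase version the stake leaves the attacker in the first transaction, and because `settle_bet` reads a block hash that was fixed when the bet was placed, a reverted settlement can be replayed by anyone (the operator included) with the same result. The block hash is used here only to make the point about binding the outcome at bet time; a production game would still need an entropy source that block producers cannot bias.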
The background of the exchange platform, service, or individuals involved, as it would have been seen or understood at the time of the events.
Include:
- Known history of when and how the service was started.
- What problems does the company or service claim to solve?
- What marketing materials were used by the firm or business?
- Audits performed, and excerpts that may have been included.
- Business registration documents shown (fake or legitimate).
- How were people recruited to participate?
- Public warnings and announcements prior to the event.
Don't Include:
- Any wording which directly states or implies that the business is/was illegitimate, or that a vulnerability existed.
- Anything that wasn't reasonably knowable at the time of the event.
There could be more than one section here. If the same platform is involved with multiple incidents, then it can be linked to a main article page.
The Reality
This section is included if a case involved deception or information that was unknown at the time. Examples include:
- When the service was actually started (if different than the "official story").
- Who actually ran a service and their own personal history.
- How the service was structured behind the scenes. (For example, there was no "trading bot".)
- Details of what audits reported and how vulnerabilities were missed during auditing.
What Happened
The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.
| Date | Event | Description |
|---|---|---|
| July 2nd, 2019 12:00:00 AM | First Event | This is an expanded description of what happened and the impact. If multiple lines are necessary, add them here. |
Total Amount Lost
The total amount lost is unknown.
How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?
Immediate Reactions
How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?
Ultimate Outcome
What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?
Total Amount Recovered
It is unknown how much was recovered.
What funds were recovered? What funds were reimbursed for those affected users?
Ongoing Developments
What parts of this case are still remaining to be concluded?
Prevention Policies
51% attacks can be mitigated through a mix of longer block confirmation requirements and checkpoints that prevent large-scale chain reorganizations. In practice this means an exchange does not credit newly deposited funds until enough blocks have confirmed them, and nodes refuse to accept an attacking chain that rewrites blocks behind a checkpoint.
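The two controls named above, expressed as an added Python illustration that is not TRON's, PeckShield's or any exchange's code: the chain builder, the 19-confirmation deposit threshold and the checkpoint-every-10-blocks rule are constructed values, chosen only to make the behaviour visible. The deposit policy refuses to credit a transaction until it is buried deep enough, and the node policy rejects any competing chain that disagrees with a checkpoint before applying the usual longest-chain rule.

```python
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class Block:
    number: int
    hash: str
    parent: str


def _h(label):
    return hashlib.sha256(label.encode()).hexdigest()[:16]


def build_chain(length, label="honest", base=None, fork_at=0):
    """Constructed chain of `length` blocks. With `base`, keeps base[0..fork_at]
    and produces competing blocks from fork_at + 1 onwards."""
    blocks = list(base[:fork_at + 1]) if base else []
    parent = blocks[-1].hash if blocks else "genesis"
    for n in range(len(blocks), length):
        h = _h(f"{label}:{n}:{parent}")
        blocks.append(Block(n, h, parent))
        parent = h
    return blocks


def confirmations(chain, tx_block):
    # A transaction in the tip block has one confirmation.
    return len(chain) - tx_block


def should_credit_deposit(chain, tx_block, required=19):
    """Exchange policy: credit a deposit only once its block is buried under
    `required` confirmations (constructed threshold; tune per chain)."""
    return confirmations(chain, tx_block) >= required


def checkpoints_from(chain, every=10):
    """Record the hash of every `every`-th block as a checkpoint."""
    return {b.number: b.hash for b in chain if b.number > 0 and b.number % every == 0}


def accept_candidate(current, candidate, checkpoints):
    """Node policy: a competing chain must match every checkpoint; only then does
    'longer chain wins' apply, so a deep reorganization past a checkpoint is refused."""
    by_number = {b.number: b.hash for b in candidate}
    for number, expected in checkpoints.items():
        if by_number.get(number) != expected:
            return False
    return len(candidate) > len(current)


def demo():
    honest = build_chain(30)
    cps = checkpoints_from(honest)  # checkpoints at blocks 10 and 20
    # Attacker chain that rewrites everything after block 15 (so block 20 changes).
    deep_reorg = build_chain(40, "attacker", base=honest, fork_at=15)
    # Competing chain that only rewrites blocks after 25, behind no checkpoint.
    shallow_reorg = build_chain(40, "attacker", base=honest, fork_at=25)
    return {
        "credit_deposit_in_block_5": should_credit_deposit(honest, 5),    # 25 confirmations
        "credit_deposit_in_block_28": should_credit_deposit(honest, 28),  # 2 confirmations
        "deep_reorg_accepted": accept_candidate(honest, deep_reorg, cps),
        "shallow_reorg_accepted": accept_candidate(honest, shallow_reorg, cps),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

The longer attacking chain is rejected not because it is shorter (it is longer) but because its block 20 no longer matches the recorded checkpoint; the shallow fork is accepted because it leaves every checkpointed block intact. Raising `required` trades deposit latency for the depth of reorganization an exchange is willing to absorb.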
References
- SlowMist Hacked - SlowMist Zone (Nov 5)
- https://bcsec.org/index/detail/id/580/tag/1 (Dec 16)
- 预警:波场一DApp合约遭黑客交易回滚攻击 ("Warning: a TRON DApp contract hit by a hacker transaction rollback attack") (Dec 16)
- https://coinmarketcap.com/currencies/tron/historical-data/ (Dec 16)
- A Day of the Hacks: 7,710 TRX Stolen of TRON's Game of Dice Attack Using a Reversal of Transactions (Dec 16)