Bitmart BSV 51% Attack

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Jump to navigation Jump to search

Notice: This page is a freshly imported case study from the original repository. The original content was in a different format, and may not have relevant information for all sections. Please help restructure the content by moving information from the 'About' and 'General Prevention' sections to other sections, and add any missing information or sources you can find. If you are new here, please read General Tutorial on Wikis or Anatomy of a Case Study for help getting started.

Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description. Please assist by visiting each source, reviewing the content, and placing that reference next to any text it can be used to support. Feel free to add any information that you come across which isn't present already. Sources which don't contain any relevant information can be removed. Broken links can be replaced with versions from the Internet Archive. See General Tutorial on Wikis, Anatomy of a Case Study, and/or Citing Your Sources Guide for additional information. Thanks for your help!

Bitmart Logo/Background

Bitmart operates a large crypto-asset exchange platform, which includes BSV. On BSV, there are well documented and regular 51% attacks, which occur due to a lack of mining power. Securing against a 51% attack generally consists of implementing a large enough number of confirmations before a deposit is accepted. Bitmart did not secure themselves properly, and suffered from the attack.

As a result, Bitmart applied to the New York court to allow themselves to adjust and penalize international customers at their discretion. The Bitcoin Association, a key influencing group over th BSV blockchain, then split the chain into 3 separate chains by requesting that miners reject the first block associated with the double spend.

The end result is chaos, with exchange users, miners, and BSV users suffering arbitrary losses, depending on their exact course of decisions through the time period. Exchange users suffer losses if they purchase the fraudulent coins and are mischaracterized as being part of the attack. Miners suffer losses if they pick the wrong branch to mine on. BSV users suffer losses if their payments are cancelled or altered by the block reorganization.

This exchange or platform is based in Cayman Islands, or the incident targeted people primarily in Cayman Islands.[1][2][3][4][5][6][7][8][9][10][11][12][13][14]

About Bitmart

"Our mission is to provide simple and secure crypto products and services. Whether you are an individual or an institution, we want to help you buy, sell, and store your cryptocurrency. Our vision is to bring cryptocurrency available to everyone everywhere, we believe, the decentralized digital currency will reshape the global economic fundamentally, such financial freedom would bring further economic innovation, efficiency, and equality to the world. But it won’t happen unless we build simple, and secure products for individuals and institutions around the world to discover and interact with this new frontier."

"Our professional team members come from Amazon, Accenture, Tencent, Alibaba, and other top-tier tech firms. We unite together and built a more cost-efficient and user-friendly financial platform to involve every individual all over the world. The team has grown by leaps spanning the global mission to accelerate the world to a highly efficient global financial system."

"Trust, as of the fundamental of the financial system, and the core to the decentralized token economy. We fully understand all the challenges that the cryptocurrency ecosystem is facing to, hence we are committed into compliance, reliability, security, customer care, and deliver the seamless user experience to build the trust. As a global exchange platform, we hope the halo of digital assets can benefit every investor. It is our vision to provide an environment with smooth accessibility and suitable entry barrier for every potential investor, making the digital assets significant. No matter for entry-level traders or professional investors, BitMart provides several finely tailored services, including listing numerous top-grade digital assets for our clients to invest and success, providing an industrial developer platform for advanced traders, and customizing the best-fit assets management solution for institutions of all sizes."

"A series of block reorganization attacks geared towards double spending directed at the BSV network occurred on June 24 and on July 1, 6 and 9, 2021." "On July 8, 2021 BSV chain had reports of an ongoing 51% attack. The attack was reported to be coming from a miner going by the name ZULUPool."

"As part of regular monitoring of the network by the Bitcoin SV Infrastructure Team, the Association has been made aware of an illegal attack against the Bitcoin SV network. A malicious actor has recently been carrying out block re-organisation attacks on the Bitcoin SV network, which appear to be intentional acts in an effort to mask the illegal double-spending of coins."

"The Bitcoin SV Infrastructure Team have identified one of the addresses connected with the attack (1G47mSr3oANXMafVrR8UC4pzV7FEAzo3r9) as being long associated with ransomware and other attacks on the BTC, BCH and BSV chains – so the malicious actor is engaged in illegal activity which could involve also BTC and BCH, and not just the BSV network."

"At this stage, neither Bitcoin Association nor the Bitcoin SV Infrastructure Team can confirm the exact identity or identities of the attackers. The malicious party is carrying out their attacks under the ‘Zulupool’ moniker. We do not believe that the malicious actor is the same ‘Zulupool’ that has long been associated with the Hathor miner of the same name. Instead, we believe the attacker is impersonating ‘Zulupool’."

"[T]o date, neither Bitcoin Association, nor the Bitcoin SV Infrastructure Team, nor any exchanges with whom we are in contact, have received any reports of anyone claiming to be a victim of a double spend."

"Over a dozen blocks are being reorgd & up to 3 versions of the chain being mined simultaneously across pools."

"To invalidate the fraudulent chain, node operators should run the following command on their #BitcoinSV node: bitcoin-cli invalidateblock 000000000000000003B67AEC95E9B5DA897EB5EBF3227D5A6A67835104367840"

"Bitcoin Association has been made aware that digital asset exchange Bitmart has claimed that the attacker has used its exchange to deposit ‘fake’ BSV from the double-spend attack and trade them for other coins; the attacker was then able to move some of these fraudulently acquired to other exchanges. On July 23, Bitmart filed a legal action for injunctive relief in the U.S. District Court for the Southern District of New York seeking to prevent the attacker(s) from further transferring traded coins from Bitmart’s exchange accounts and asking for third-party exchanges to freeze traded coins they received from the attacker."

"Since the malicious nature of the re-orgs on the Bitcoin SV network were identified following the July 6 attacks, the Bitcoin SV Infrastructure Team have taken action to both help protect the network and collect evidence of the illegal activity. This information is being collated and shared at regular intervals with Bitcoin Association’s legal team. Bitcoin Association’s representatives have already started to contact relevant law enforcement authorities. Bitcoin Association is also preparing to submit criminal complaints in one or more relevant jurisdictions; its affected constituents may also initiate proceedings independently."

"In addition, Bitcoin Association believes an exchange will be adequately insulated from any negative impact of attacks if it: 1) actively monitors the blockchain for block re-orgs; and 2) as an interim protective measure, maintains or extends to at least 20 the number of block confirmations required before BSV deposits are considered valid. We believe this provides sufficient protection against the block reorg attacks. We do not believe exchanges need to completely halt all deposit, withdrawal and trading activity associated with BSV coins. However, Bitcoin Association can only act in an advisory capacity in this instance, as exchanges are independent and will act according to their own procedures and tolerances in such events."

"The owner of the crypto exchange Bitmart has filed a bid for pre-arbitration injunctive relief to prevent Chinese hackers from making illicit transfers using fraudulent Bitcoin SV (BSV) on its platform."

"According to a Monday report, GBM Global Holdings, Bitmart’s owner, filed its bid with a New York federal judge, despite the fraudulent activities taking place largely out of state. The company has argued that the Southern District Court of New York nonetheless has jurisdiction over 'fraudulent or manipulative acts with foreseeable effects in New York' and is therefore requesting that the judge intervene before the hackers are able to sell the illicit crypto on the open market."

"The heavily redacted bid reportedly claims that the funds will be significantly harder to recover on behalf of affected users if there is no intervention. Bitmart claims that the hackers defrauded a minimum of 43 of its users in the United States by minting fraudulent BSV in violation of the U.S. Commodities and Exchange Act."

"Defendants are foreign, impossible-to-identify hackers intent on fraud, there is almost no likelihood that they would pay a damage award. Short of receiving an injunction of already-identified, fraud-begotten cryptocurrency, there is no way for Petitioner to secure ultimate recovery."

"The Bitcoin SV network remains safe to use and is operating as it usually would. However, in the short term, Bitcoin Association recommends only sending and receiving BSV between identified parties where possible. When transacting with unknown or untrusted parties, for an interim period, we advise waiting for at least 20 block confirmations before considering the transaction safe and settled."


About BSV

Bitcoin Satoshi's Vision (BSV), a prominent cryptocurrency, has faced a tumultuous period marked by network attacks and exchange delistings. Craig Wright, BSV's founder, claims to be the creator of Bitcoin itself, adding controversy to the currency's history.

The Reality

This sections is included if a case involved deception or information that was unknown at the time. Examples include:

  • When the service was actually started (if different than the "official story").
  • Who actually ran a service and their own personal history.
  • How the service was structured behind the scenes. (For example, there was no "trading bot".)
  • Details of what audits reported and how vulnerabilities were missed during auditing.

What Happened

The specific events of the loss and how it came about. What actually happened to cause the loss and some of the events leading up to it.

Key Event Timeline - Bitmart BSV 51% Attack
Date Event Description
July 8th, 2021 51% Attack Event The 51% attack is carried out against the BitMart platform.
July 23rd, 2021 7:46:00 AM MDT CoinDesk Article Mention The incident is mentioned in a CoinDesk article[14]. CoinDesk reports that Bitcoin Satoshi's Vision (BSV) has faced significant challenges recently, including network attacks and exchange delistings. These attacks, occurring in June and July, caused concerns among market participants regarding the security of the BSV network. The Gravity exchange suspended BSV trading temporarily due to liquidity issues, while Binance announced the shutdown of its BSV mining pool, potentially weakening the network's security further. Craig Wright, BSV's controversial founder, faced criticism, with several exchanges delisting BSV over the past two years. Despite these setbacks, some exchanges continue to support BSV trading, while the Bitcoin Association strives to restore BSV services. The extent of the damage from the recent attacks remains unclear, with no evidence of losses incurred by users. However, the Bitcoin Association is actively investigating the attacks, aiming to prevent such incidents in the future[14]. The article is later reposted on the NASDAQ[15].
June 23rd, 2022 5:45:00 PM MDT The Block Article on Arbitration The Block reports that BitMart has emerged victorious in an arbitration ruling concerning a July 2021 hack that saw $6 million drained from its coffers[16]. The arbitration found in favor of GBM Global Holding Company Limited, BitMart's parent company, in its bid to recover stolen funds from an attack on the Bitcoin Satoshi Vision (BSV) blockchain. Per the ruling, 92 respondents engaged in a 51% attack on the BSV blockchain, executing fake transactions to falsely claim ownership of 91,000 BSV tokens. These tokens were then traded for other cryptocurrencies, resulting in the significant loss. Arbitrator Dani Schwartz ordered damages to be paid within 45 days, amounting to $5,231,549.42 based on the calculated damages. If approved by a judge, third-party exchanges involved in converting the stolen funds will be required to surrender any frozen assets to BitMart. This victory follows BitMart's experience of a larger hack in December 2021, which resulted in the loss of $150 million in crypto[16].
June 28th, 2022 10:52:05 PM MDT BlockThreat Weekly Summary An update on the incident is included in a BlockThreat weekly article summary. It reports that an arbitration award was won by the BitMart platform[17].

Technical Details

This section includes specific detailed technical analysis of any security breaches which happened. What specific software vulnerabilities contributed to the problem and how were they exploited?


"Rather, the block reorganization attack was carried out by an “unknown miner operating under the ‘Zulupool’ moniker,” according to an email from the Bitcoin Association to CoinDesk. Again, to be clear, this miner was an impostor."[14]

“It is more likely [the impostor] made use of a portion of the ~100Eh/s of hashrate that was recently decommissioned in China to attempt a double-spend attack on some lower difficulty chains," Petty went on. "This is only possible because BSV's hashrate currently sits around 0.5-1Eh/s, or 0.5% of the BTC chain, meaning even smaller BTC miners could trivially out-mine TAAL to perform large reorg attacks.”[14]

Total Amount Lost

The total amount lost is unknown.

How much was lost and how was it calculated? If there are conflicting reports, which are accurate and where does the discrepancy lie?

Immediate Reactions

How did the various parties involved (firm, platform, management, and/or affected individual(s)) deal with the events? Were services shut down? Were announcements made? Were groups formed?


Recent attacks on the BSV network led to concerns among market participants, with the Gravity exchange temporarily suspending BSV trading due to liquidity issues[15]. Furthermore, Binance announced the suspension of its BSV mining pool, which could weaken the network's security. Despite ongoing challenges, some exchanges continue to support BSV trading, while the Bitcoin Association aims to restore BSV services. The recent turmoil has contributed to a significant decline in BSV's price, reflecting investor uncertainty in the cryptocurrency's future[15].

Ultimate Outcome

What was the end result? Was any investigation done? Were any individuals prosecuted? Was there a lawsuit? Was any tracing done?

BitMart Seeks US-Based Injunction

"Bitmart sought an injunction in the U.S. and, while the jurisdiction was not entirely obvious, Judge Alison J. Nathan ruled in favor of the exchange after the defendants failed to respond to the plea. This means that accounts and the BSV tokens within them will be retained by the exchange, who will presumably freeze or destroy them given that their reintroduction into the system would affect the BSV supply."

The "U.S. District Court judge has ruled that, for the time being, BSV tokens that arrived on the Bitmart platform following a 51% attack on the blockchain cannot be moved. Bitmart had petitioned that the coins, which were moved to their platform and mostly sold by the Russian hackers, should not be released to them given their illegal origin. 51% attacks can result in recent transactions being undone and coins being spent over again, known as ‘double spending’. Proof-of-work coins are susceptible to 51% attacks if they don’t have the requisite amount of decentralization in their mining profile, or the hashrate is so low it can be easily overcome."

"Bitmart was able to pinpoint at least 43 of its users that had been damaged by the activities of the BSV chain attackers and froze 92 accounts, and the remaining BSV within them, they found to be associated with the illegal activity."

Arbitration Award Won

In 2022, BitMart won an arbitration award, which entitled them to a return of ...[17] The Block reports that BitMart has emerged victorious in an arbitration ruling concerning a July 2021 hack that saw $6 million drained from its coffers[16]. The arbitration found in favor of GBM Global Holding Company Limited, BitMart's parent company, in its bid to recover stolen funds from an attack on the Bitcoin Satoshi Vision (BSV) blockchain. Per the ruling, 92 respondents engaged in a 51% attack on the BSV blockchain, executing fake transactions to falsely claim ownership of 91,000 BSV tokens. These tokens were then traded for other cryptocurrencies, resulting in the significant loss. Arbitrator Dani Schwartz ordered damages to be paid within 45 days, amounting to $5,231,549.42 based on the calculated damages. If approved by a judge, third-party exchanges involved in converting the stolen funds will be required to surrender any frozen assets to BitMart. This victory follows BitMart's experience of a larger hack in December 2021, which resulted in the loss of $150 million in crypto[16].

Total Amount Recovered

There do not appear to have been any funds recovered in this case.

What funds were recovered? What funds were reimbursed for those affected users?

Ongoing Developments

What parts of this case are still remaining to be concluded?

General Prevention Policies

51% attacks are generally defended against by requiring a large number of confirmations before a deposit is accepted.

Individual Prevention Policies

No specific policies for individual prevention have yet been identified in this case.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Policies for platforms to take to prevent this situation have not yet been selected in this case.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

No specific regulatory policies have yet been identified in this case.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. No Title (Jul 24, 2021)
  2. Bitcoin Association statement: Zero tolerance for illegal attacks on the Bitcoin SV network - Bitcoin Association (Jul 24, 2021)
  3. FAQs: July 2021 block withholding/re-organisation attack on the BSV network - CoinGeek (Aug 22, 2021)
  4. BSV Attacks Illustrate Network’s Professional Approach to Blockchain - The World Financial Review (Aug 22, 2021)
  5. Beware of false speculations: BSV is not collapsing due to malicious attacks – Bankless Times (Aug 22, 2021)
  6. Bitmart seeks restraining order to prevent hackers from selling fake BSV (Aug 22, 2021)
  7. BitMart - Cryptocurrency Exchange | Buy & sell Bitcoin, Ethereum, Tether instantly (Aug 22, 2021)
  8. BitMart - Cryptocurrency Exchange | Buy & sell Bitcoin, Ethereum, Tether instantly (Aug 22, 2021)
  9. BSV Tokens From 51% Attack Cannot Leave Bitmart Exchange - FullyCrypto (Aug 29, 2021)
  10. Bitcoin SV rocked by fifth 51% attack, serial culprit attempts double spends (Aug 29, 2021)
  11. @BitcoinAssn Twitter (Aug 29, 2021)
  12. Breaking: BSV reportedly suffers ‘massive’ 51% attack (Aug 29, 2021)
  13. Bitcoin SV rocked by three 51% attacks in as many months (Aug 29, 2021)
  14. 14.0 14.1 14.2 14.3 14.4 What Is Going On With Bitcoin SV? - CoinDesk (Accessed Apr 3, 2024)
  15. 15.0 15.1 15.2 What Is Going On With Bitcoin SV? - NASDAQ (Accessed Jul 24, 2021)
  16. 16.0 16.1 16.2 16.3 BitMart wins arbitration award over July 2021 hack - TheBlock (Accessed Apr 3, 2024)
  17. 17.0 17.1 BlockThreat - Week 25, 2022 (Accessed Mar 23, 2023)
Retrieved from "https://quadrigainitiative.com/cryptocurrencyhackscamfraudwiki/index.php?title=Bitmart_BSV_51%25_Attack&oldid=5615"