The Ethereum network just faced its second denial-of-service attack this week. Ethereum co-founder and developer Jeffrey Wilcke issued a warning to miners, recommending them to mine with a Parity node. The attack exploited a vulnerability in one of the opcodes and slowed the network down.
The first DoS attack exploited a bug in the Ethereum protocol, which resulted in Geth nodes running out of memory and crashing. The problem happened right before Devcon2, an Ethereum developer conference held in Shanghai over the weekend. Within hours, Ethereum core developers released a quick fix for the Geth bug.
Although the attacks managed to slow down the network, the Ethereum blockchain still remained functional. This may be due to there being multiple versions of Ethereum clients available. Both attacks resulted in a temporary drop of the network hash rate, likely because of decreased profitability from slower block propagation.
The DoS attacks may have triggered a drop in the price of ETH, which is minimal when compared to the massive crash after the DAO hack.
Ethereum co-founder and lead developer Vitalik Buterin issued a statement proposing a solution. The problem stems from a spam attack on the network and recommends a short term fix of running nodes with flags to increase the cache size. A longer term solution may take longer
“In the medium term (ie. several days to a week), we are actively working on several fixes for the Go client that should both provide a more stable resolution for the present issue and mitigate the risk of similar attacks…”
Ethereum Based Blockchains Attacked
Several weeks ago smaller Ethereum based blockchains were also subject to DoS attacks. Due to their lower hashing power, these DoS attacks were also combined with a 51% attack.
There’s been speculation that these attacks were a dry run for Ethereum Classic but it’s entirely possible they were practice for Ethereum. There’s no hard evidence that this new string of DoS attacks come from the same group. It appears the original attackers had a profit motive by double spending coins and trying to extort these smaller blockchains for ransom.