Blockchain Safety Apr 06, 2021

Erebus – attacks on blockchain

Erebus is a type of attack that can affect the network of cryptocurrencies, such as Bitcoin and derivatives, change its operation, and even make its normal operation impossible.

Erebus attack-a dangerous enemy for cryptocurrency networks

Among the less known threats in the world of cryptocurrencies, the Erebus attack has recently appeared. This is a type of attack based on a distributed denial of service or DDoS attack that can take control of the entire cryptocurrency network to the point that it becomes unusable. Undoubtedly, this is a serious threat to the functioning of cryptocurrencies, which can disrupt efforts to create a decentralized world. Fortunately, the developers of the cryptocurrency are not only aware of the cyber threat, but have also created countermeasures to prevent such an outcome.

But how is it possible that Erebus can disable the cryptocurrency blockchain? What measures have been taken to avoid this problem? Well, this and much more we will explain to you in this article.

What is an Erebus attack?

The well-studied Erebus attack is actually a distributed denial of service (DDoS) attack, meaning it is a cyberattack that aims to interrupt the proper functioning of the network, making it inaccessible to users. Thus, no user (or a significant part of them) can perform transactions with cryptocurrency in the attacked network.

To achieve this, the Erebus attack works in two stages:

  • First, it creates a point of intervention and control using malicious nodes, the purpose of which is to manipulate the connections of other network nodes and divide the network.
  • Secondly, it manipulates the information that is transmitted over the network and does not allow it to reach its destination.

These types of attacks pose a serious risk to the security of cryptocurrency blockchains and users. The work that led to the discovery of this form of threat was carried out by researchers Muoi Tran, Inho Choi, Gi Joon Moon, Anh Woo. Woo and Min Seok Kang, who developed the theory and functional proof of concept in July 2019, in their paper “Bitcoin Peer-to-Peer Covert Attack”.

From that moment, the developers of the cryptocurrency began to take measures to prevent such attacks. And Bitcoin developers were the first to take measures to prevent this type of attack on the network.

How does the Erebus attack work?

How does the Erebus attack work?

Now, to understand how the Erebus attack works, you must first understand how the cryptocurrency network works. In this sense, it is good to note that the cryptocurrency network is nothing more than a swarm of computers that have software installed on them that allows them to communicate with each other. These computers send and receive information over the Internet using a common language or protocol that allows them to work together. For example, a computer with Bitcoin software located in Russia can send and receive information to other computers located in any other part of the world, all without intermediaries and in a decentralized manner. This is what we call a peer-to-peer, or P2P network.

Now, although the network of Bitcoin and other cryptocurrencies is organized in a highly decentralized manner, the Internet, the communication bridge between the nodes of these networks is a very different story. The Internet is a network of millions of computers, but it is not completely decentralized. In fact, there are moments that are so important that manipulating them will deprive millions of people of access to the Internet. In addition, your Internet service provider may also manipulate your connection and, for example, deny you access to a particular website or service.

At the moment, it is clear that the Internet is a weak point in the work of the cryptocurrency network. Especially if there is someone who can manipulate such connections at a low level, causing the cryptocurrency network to work incorrectly.

Well, that’s exactly what the Erebus attack does. Taking advantage of the capabilities of a cryptocurrency protocol such as Bitcoin to connect various network nodes, it performs a man-in-the-middle (MITM) attack to control the connections of these connected nodes. MITM occurs when someone can intercept a connection between two machines in order to listen and even manage all the information shared by the two machines during the connection. So basically, the one who does the MITM is the spy, the one who can see all the information that we share with the rest.

To implement an Erebus attack, you need to use two weak points:

  1. A section of the Internet that is managed by an AS (autonomous system). This allows the companies or governments that control them to manipulate the traffic of their networks and subnets as they see fit.
  2. Weak selection and variability of node connections to other nodes in the network. Because of this, anyone who controls the AS can manipulate node connections so that they connect to managed nodes within the range of the malicious AS.

Scope and danger of attack

Scope and danger of attack

As a result of these two weaknesses, an Erebus attack can manipulate the connections of the victim nodes and redirect them at will. This will, for example, make the following scenarios possible:

  • Impact on cryptocurrency consensus rules.

This is possible for an attacker, because by manipulating the connection of network nodes and redirecting it to nodes controlled by a set of different consensus rules, they can break the entire network consensus, causing a hard fork. Thus, an attacker can apply any set of consensus rules to the network that they wish.

  • Managing the power of mining in the network.

Since an attacker can change the communication routes in the network, it is possible that he will capture the mining power by splitting the network. Miners depend on the pool nodes for their work, and if these nodes are hacked, the miners ‘ work can go wherever the attacker wants. Thus, with such mining power in its favor, it is possible to perform any other type of attack using schemes such as the 51% attack.

  • This can affect the second-layer protocol and even the side chains that depend on the attacked cryptocurrency network.

So, for example, an Erebus attack on Bitcoin can affect the Lightning Network, and all this is due to the fact that, although LN is a different network, its operation depends on the operation of Bitcoin.

As you can see, the attack range is extensive, but not only. In addition, Erebus has characteristics that make it even more dangerous:

  • The attack is not detected. An attacker can attack the network for days or weeks, and the consequences will not be visible until the malicious action is already performed.
  • This can be done quickly. In fact, any qualified Tier-1 or Tier-2 service provider (large networks or a set of Internet networks) can conduct this kind of cyber attack. According to the study mentioned above, for a layer 2 network, it would be possible to conduct a large-scale attack in less than six weeks using a single computer, and this period can be shortened by using large server complexes, such as Amazon or Google servers.
  • Apply complex countermeasures, which makes solving an attack difficult.

Do these types of threats prove that cryptocurrencies are insecure?

Do these types of threats prove that cryptocurrencies are insecure?

Although an Erebus attack is a threat that can really take a blockchain like Bitcoin out of the game, in practice it is not easy to do this. In fact, the project has already taken action to prevent such an impact on the network. In addition, the idea is to further improve the protection to avoid this type of action and others that may occur in the future.

The researchers behind the discovery of Erebus tested their theory on the example of the Bitcoin network, making the PTS its first cryptocurrency network to be tested.

The reason is that Bitcoin’s P2P communication protocol is vulnerable to this type of cyberattack. In addition, any other cryptocurrency that uses the basis of the Bitcoin P2P communication protocol is also vulnerable. In this sense, such cryptocurrency networks as Bitcoin Cash, Litecoin, Dash (at the node and miner level, not at the masternode), Zcash, Qtum, Bitcoin Gold or DigiByte, and others are susceptible to this attack.

However, a group of cryptocurrencies that use Gossip protocols or their modifications for their work, such as Ethereum, are not susceptible to this type of attack. They can even easily detect an attack by noticing node manipulation.

Solutions to the problem

Despite the danger posed by Erebus, Bitcoin developers have already started working. In fact, with the release of Bitcoin Core 0.20.0, the Bitcoin software offers counter-measures that are thought to complicate the Erebus attack. This function is known as Asmap, the purpose of which is:

  • Prohibit an autonomous system (AS) set of Internet Protocol (IP) routing prefixes connected under the control of one or more network operators from manipulating the routing of node connections in a way that affects the operation of the network.
  • Prevent attackers from using the Edge Gateway Protocol (BGP) to control the routing of packets between different autonomous systems to connect them. At the same time, attackers can effectively intercept node connections and use them to their advantage.

To protect Bitcoin from this problem, the Bitcoin Core development team decided to take some additional actions, including:

  1. Increase the number of node connections to 125 different connections. By default, a node connects to 10 nodes with outgoing connections.
  2. The connections must conform to a grouping system designed to diversify the node connections. This prevents nodes from selecting connections within the same IP group assigned to the same regional AS.

Taken together, these measures make an Erebus attack on Bitcoin even more difficult, but not impossible.

On the other hand, in addition to the actions performed in the PTS, other cryptocurrency derivative projects have also taken the same actions. This is the case, for example, with Litecoin, a project that uses the same network protocol as Bitok, and where they have applied the same rules to protect the network.

In any case, the developers of the cryptocurrency are aware of the risks, and therefore have taken measures to prevent the easy conduct of these attacks. After all, one of the main hallmarks of cryptocurrency is security, and that’s something that will never change.


Author of the article

How to listing my coin/token to the SPACEBOT?

Application Form for Listing

Please Kindly Answer the Following Questions:

  1. 1. Coin Recommender
    1. 1.1 Anyone Introduces You to SPACEBOT?
    2. 1.2 Referral’s Name, Mailbox, Telegram Account
  2. 2. Introduction of the Project
    1. 2.1 Name of Project, supporting both Russian and English
    2. 2.2 Official Website
    3. 2.3 Documentation link (api for developers)
    4. 2.4 Symbol (url:, etc.) ATTENTION: It’s a prerequisite! If information about your coin is not available on this resource, we can agreed and list it on Listing price from 10 ETH.
    5. 2.5 Offering Price (url:, etc.)
    6. 2.6 Total Fundraising Amount (url:, etc.)
    7. 2.7 Brief Introduction of your Project Covering its Positioning, Features , etc.
    8. 2.8 Expected Trading Pairs against BTC, USDT, ETH (url:, etc.)
    9. 2.9 Anyone in Charge of the Project
    10. 2.10 Contact of Project Manager
    11. 2.11 Project promotion Channel like Website, Wechat Official Account, Twitter, etc.
    12. 2.12 Attachment of Source File of Token Logo
    13. 2.13 Is the Project Tokens Based on ERC20 (or other blockchain)?
    14. 2.14 Any Market Value Management?
  3. 3. Project Marketing ant Its Users Scale
    1. 3.1 Expected Listing Date
    2. 3.2 Users Community in Telegram, Twitter, Reddit, Slack, WeChat, QQ Group , etc. and Its Links and Scale
    3. 3.3 Media Reports and Links
    4. 3.4 Time and Place of Roadshow or Other Marketing Campaign?
    5. 3.5 Marketing Budget on SPACEBOT and Token price establishing margin
  4. 4. Qualifications
    1. 4.1 Basic Information of Team Members
    2. 4.2 Consultants or Public Figures
    3. 4.3 Early Investment
    4. 4.4 Whether Listed on Quote Platform,such as Feixiaohao ,CoinMarketCap, etc.
  5. 1. Notes for Listing
  6. 2. SPACEBOT the unique software, for co-production of cryptocerrency. SPACEBOT provides an opportunity to get a monthly increase in the productivity of the cryptovoltaic minting of PRIZM, BIP and other cryptocurrency due to the total increase of the balance in the network of blockages through the “Proof-of-Stake” system.
  7. 3. SPACEBOT is only responsible for verification of authenticity and legitimacy of projects. SPACEBOT will not evaluate the project, and not provide any moral and value endorsement. The digital assets team will take full responsibility for all illegal irregularities such as illegal fund-raising, pyramid selling, money laundering, gambling, drug abuse, fraud, being banker of the asset, etc.
  8. 4. The digital asset teams need to make preventive measure with SPACEBOT to keep away from crushing the market. Otherwise we will end the cooperation.
  9. 5. SPACEBOT will remove the project from the list if : The dissolution of team keeps our client away from mining, transferring, block inquiring, etc. No investors trade, hold, use this token; technical failure which affect mining, transferring, block inquiring, etc. The team has some illegal irregularities such as illegal fund-raising, pyramid selling, money laundering, gambling, drug abuse, fraud, being banker of the asset, etc.

How to register a new users on SPACEBOT?

Registration on SPACEBOT is available only via the referral link which you can get after bonding 100 coins to the pool.

In order to get the link through the Telegram bot:
1. Send 100 coins to the wallet given by the bot: Wallet – Deposit
2. Bond 100 coins to the pool: Wallet – Deposit for paramining
3. Skip to ‘Affiliate program’ section and copy your referral link
4. Now you can share your referral link and invite new users

In order to get the link through iOS/Android:
1. Send 100 coins to the wallet given by the App: Home screen – Refill
2. Bond 100 coins to the pool: Home scren – Bond
3. Skip to ‘Affiliate program’ section and copy your referral link
4. Now you can share your link and invite new users

How to install the iOS App?

To install the App

1. Follow the link:

2. Сlick ‘Install’ and follow the standard steps to install the App on your device

3. If you are a new user – press ‘Register’ (you need to indicate your inviter; find your inviter`s ID or get a referral link in the ‘How to register a new user’ section)

4. If you already have your SPACEBOT Telegram account you need to link it to email. You may find how to do it in ‘How to link email to your SPACEBOT account?’ section.

How to install Android App?

To install the App:
1. Follow the link:

2. Press ‘install’ and follow the standard steps to install the App on your device.

3. If you are a new user – press ‘register’ (you need to indicate your inviter; find your inviter`s ID or get a referral link in the ‘How to register a new user’ section)

4. If you already have your Telegram SPACEBOT account you need to link it to email. You may find how to do it in ‘How to link email to your SPACEBOT account?’

How to top up your balance?

Top up your balance with Telegram bot:
1. Go to ‘Wallet’ section
2. Press ‘Deposit’
3. Copy the wallets sent to you (be careful not to copy extra symbols)
4. Transfer coins to the copied wallet adress

Top up your balance with iOS/Android App:
1. Press ‘Top up’ on the mail screen
2. Copy the wallets sent to you (be careful not to copy extra symbols)
3. Transfer coins to the copied wallet adress

* Track transaction on the blockchain:

**Please note that depositing of coins requires certain number of confirmations in the network and it takes time to process a transaction with our algorightm

***Also note that many exchanges and wallets services carry out transfers with delay (on some exchanges it can take up to 72 hours), and you shouldn`t worry since this is a stadard procedure.