Calgary police has published the images of four suspects under prosecution in this country because of scam from Bitcoin ATMs in eight cities in Canada. These people succeeded in stealing $200,000 from ATM kiosks in a double spending attack. Their method was in this way that after receiving the cash as their digital asset from ATM and before finishing the processing of the company, they have double spent it. The police investigations about it has started since October 2018. The activities of those suspects were traced in Montreal, Ottawa, Hamilton, Toronto, Winnipeg, Sherwood Park in addition to Calgary and police asked all those who have information about the suspects’ identity to inform that police as soon as possible.
Double Spending is one of the different types of scam through cryptocurrencies. In this attack, the scammer spends the cryptocurrency again. Although this type of scam looks simple through cryptocurrency, doing that via physical money is difficult unless the cash is stolen after being spent. The reason for its easiness is the simplicity of copying digital data. A transaction will not be trustable unless it is added to the Blockchain as a block via cryptocurrencies. Moreover, as more blocks are added to it, the attacker’s chance to reverse it will decrease and will be practically impossible due to high calculation power. Double spending can be conducted in three major ways.
this scenario needs miner’s cooperation. Miner should defer transaction sharing with the remaining part of Blockchain after receiving attacker transaction. During this time, the attacker spends the same digital asset in another transaction. After confirming the second transaction and receiving the good for the first transaction, the miner publishes the first transaction. As such, the first transaction will not be accepted, since the second transaction has been previously confirmed and added to the Blockchain blocks.
in this scenario, the attacker does two consecutive fast spends through a digital asset. One of the spends is done under the attacker’s control and the other for the good or service. If the attacker’s spend to the address under his control is confirmed sooner and shared in the network, the other spend will not be confirmed, and the attacker will have the chance of receiving the good and service without spending.
this scenario can be implemented in the Bitcoin network only if the attacker holds at least 51% of the hash rate of the network. Therefore, the attacker can manipulate Blockchain blocks and reverse the target transactions. Making such an attack needs very high calculation power.
The simplest way to avoid double spending is sufficient waiting for transaction confirmation and adding more blocks after the transaction block. In this way, the attacker’s chance of double spending will strongly decrease.
Sunday, March 24, 2019 8:19:00 AM