Eclipse attacks are a type of cyberattack where an attacker creates an artificial environment around one node, or user, which allows the attacker to manipulate the affected node into wrongful action. Crypto and web 3.0 assets are often targeted by eclipse attack attempts.
In an eclipse attack, a malicious actor isolates a specific user or node within a peer-to-peer (P2P) network.
The attacker’s goal is to obscure a user’s view of the P2P network in preparation for more complex attacks or to cause general disruption with the purpose of discrediting a project or an institution. Eclipse attacks can only be performed on blockchain nodes that accept incoming connections from other nodes, and not all nodes accept incoming connections.
In a bitcoin network, for example, there are by default a maximum of 117 incoming TCP connections and 8 outgoing TCP connections. According to Gemini, in an eclipse attack, the attacker attempts to redirect the target user’s inbound and outbound connections away from its legitimate neighboring nodes to attacker-controlled nodes, thereby sealing off the target in an environment that’s entirely separate from the actual network activity. This process of replacing the visibility of real nodes with fake attacker-controlled ones is what gives the attack the ‘eclipse’ moniker.
Extra reading:
https://www.geeksforgeeks.org/what-is-an-eclipse-attack/
https://cointelegraph.com/explained/what-is-an-eclipse-attack
https://www.usenix.org/conference/usenixsecurity15/technical-sessions/presentation/heilman
If you have any other questions please feel free to reach out to us using the contact us page.
Customer SupportThe MetaWealth™ platform is operated by MetaWealth™ International, which is not a registered broker-dealer or investment advisor. MetaWealth™ does not provide investment advice, endorsement or recommendations with respect to any properties listed on the platform. Nothing on the platform, website or application should be construed as an offer to sell, solicitation of an offer to buy or a recommendation in respect of a security. You are solely responsible for determining whether any investment, investment strategy or related transaction is appropriate for you based on your personal investment objectives, financial circumstances and risk tolerance. It’s important to remember that the value of any investment can go up or down. You should consult with licensed legal professionals and investment advisors for any legal, tax, insurance or investment advice before making an investment decision. A financial advisor can help you to understand your financial goals and risk tolerance, and provide guidance on the best investment opportunities for you. MetaWealth™ does not guarantee any investment performance, outcome or return of capital for any investment opportunity posted on this site. MetaWealth™ is under no obligation to maximise profits. Our primary commitment is to safeguard investor capital and strive to deliver on projected returns. By investing, participants agree to relinquish any claims to profits or returns beyond those expressly projected and realised, as stated herein. By accessing the platform including web site and application, any pages thereof, you agree to be bound by the Terms of Service and Privacy Policy.