Steem chokes on a big one!

in #steem, 6 years ago (edited)

Today the STEEM blockchain was hit with an attack aimed at disrupting its usual functionality, specifically by stalling steemd nodes and causing witnesses to miss blocks.

The Big One

Numerous witnesses missed blocks because of the size of the transaction that is being broadcast. The blockchain rejected those blocks, causing witnesses to fail at processing normal transactions.

The transaction is as follows:

{"trx":{"ref_block_num":4943,"ref_block_prefix":2623990396,"expiration":"2018-04-23T20:49:12","operations":[["custom_json",{"required_auths":["notahotdog"],"required_posting_auths":[],"id":"nothotdog0.2866754495943664","json":"["biggadicka",{"data":"BiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKa
BiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKaBiGGaDiCKa....

The Culprit

The account the attack was launched from is @notahotdog and the actual attack consisted of sending a long custom JSON transaction as seen here:

Looking forward to checking in on steem.chat and GitHub for a potential node update as soon as possible.
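
An added example (not from the original post and not steemd code): a triage script that scans transaction records shaped like the one quoted above and counts, per signing account, the custom_json operations whose payload exceeds a size budget. The 8192-byte budget, the account names and the sample records are constructed assumptions.

```python
import json
from collections import Counter

# Assumption: a per-operation payload budget chosen by the node operator;
# it is not taken from steemd.
MAX_CUSTOM_JSON_BYTES = 8192

def oversized_custom_json(trx_records, limit=MAX_CUSTOM_JSON_BYTES):
    """Yield (account, op_id, payload_bytes) for each custom_json op over limit."""
    for rec in trx_records:
        trx = rec.get("trx", rec)  # accept wrapped or bare transactions
        for op in trx.get("operations", []):
            if not (isinstance(op, list) and len(op) == 2):
                continue  # malformed operation entry, skip it
            name, body = op
            if name != "custom_json" or not isinstance(body, dict):
                continue
            payload = body.get("json", "")
            if not isinstance(payload, str):
                payload = json.dumps(payload)
            size = len(payload.encode("utf-8"))
            if size > limit:
                signers = (body.get("required_auths", [])
                           + body.get("required_posting_auths", []))
                yield (signers[0] if signers else "<none>", body.get("id", ""), size)

def summarize(trx_records, limit=MAX_CUSTOM_JSON_BYTES):
    """Count oversized custom_json operations per signing account."""
    return Counter(acct for acct, _, _ in oversized_custom_json(trx_records, limit))

def make_trx(account, op_id, payload):
    """Build a constructed record in the shape of the quoted transaction."""
    return {"trx": {"operations": [["custom_json", {
        "required_auths": [account], "required_posting_auths": [],
        "id": op_id, "json": json.dumps(payload)}]]}}

# Constructed sample input: one normal op, two oversized ops, one non-custom_json op.
SAMPLE = [
    make_trx("alice", "follow", ["follow", {"following": "bob"}]),
    make_trx("filler-account", "filler0.1", ["x", {"data": "AB" * 30000}]),
    make_trx("filler-account", "filler0.2", ["x", {"data": "AB" * 30000}]),
    {"trx": {"operations": [["vote", {"voter": "alice", "weight": 10000}]]}},
]

if __name__ == "__main__":
    for acct, n in summarize(SAMPLE).most_common():
        print(f"{acct}: {n} oversized custom_json op(s)")
```
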


You got my upvote because I do appreciate the information but drakos has a point...

Have there been multiple attacks?

Not a good idea to tell people about vulnerabilities until they are fixed. You just handed malicious users a tool they could use. I suggest you delete this post until a fix is implemented.

Well, shit. I read this right after I hit the resteem button... I appreciated the information but I had not thought of THAT.

It's common sense.

Lol! That reply reminds me of the IT guy at the office I used to manage. I would call him in to fix something technical, and he would make some comment implying I was the only one in the building who would not understand what the problem was...
My reply was "You want to go do an eye exam? Whenever you are ready to trade jobs just let me know."
I am not a tech person, I have no "sense" about blockchain issues so it may be common but it bypassed me!

The vulnerability is occurring precisely at the time the modifications to the platform are made. We are working on a beta application, security will be perfected, but hackers are around the corner stalking day and night. If you have noticed, this is related to the theft of accounts.
We all have something to lose, so we must be informed of all events.
Be in good hands, that you work several hours a day to perfect the platform. Let's have a little patience, and take our personal actions for individual security that will result in the security of the platform itself.

If you have noticed, this is related to the theft of accounts.

Don't believe so. The phishing/voting botnets haven't seemed to be intentionally attacking the chain.

You have a point, that being said I don't feel anything in this post is overly revealing about the technique used here. Anyone can see these transactions on steemd or in their node logs. This is about spreading the word that there are vulnerabilities causing certain issues and the community needs help to fix. Rather than attracting wrongdoers (which are already here) it may attract some positive feedback.

thank you for sharing donchate, I for one appreciate you being transparent and spreading the news so we're not all in the dark and not kowtowing to pressure.

please consider saying hi at our discord, would love to chat.

ॐ we are one ॐ


Why has this post been downvoted? So that the vulnerability will not be duplicated?

I only see upvotes now.

Yep me too now. Thanks.

You don't upvote yourself? I'd upvote your reply but it wouldn't count.

No, have never self voted intentionally.

Oh. I'd upvote your replies but it wouldn't count because of the .02 earnings threshold.

Hey, friend, at 80 SP you ought to be able to overcome the dust threshold if you let your voting power recover! On a recent post you showed a screenshot of about 17% vote power. That comes from voting (or flagging) too often.
It recovers about 20% a day, and drains about 2% with each vote. So we get roughly 10 votes per day if we want to stay near full power. I just recently learned this, hope you find it helpful.

Nope. At 100% my vote is about .015. It may show as .02 but it's still worthless if I go solo. FYI you can upvote my posts and comments after 30 minutes and earn curation rewards. I always make my posts and upvotes count.

I support your choice:-)

Hello friend @dracos, it is no longer Top 50, now it is Top 26. Congratulations.


I'm trying really hard not to snicker at this ridiculous code. I'm not succeeding.
