CryptoBridge Disables Masternode Deposits & Withdrawals in a Possible Fake Stake Attack on PoS Coins
Update: An official statement from CryptoBridge on their Website
In the last 12 hours, CryptoBridge has disabled deposits and withdrawals on several masternode coins. This may be connected to a possible “Fake Stake” attack on chain-based Proof-of-Stake (PoS) cryptos. Some of those disabled masternodes are ColossusXT, ALQO, LUXCORE, PHORE, PIVX, HempCoin, Altbet, SafeInsure, Vsync, Rhenium, Polis, CTST, eBlockCoin, Stakinglab, LRMcoin and SCN. ALQO and LUXCORE deposites have been re-enabled again.
Decentralized Systems Lab published a Medium article on January 22 detailing what a “Fake Stake” attack was, as well as the current vulnerability facing some PoS cryptocurrencies. The article highlighted that over 26 PoS cryptos were vulnerable to the attack. The researchers went further to state that they began notifying the development teams of affected cryptocurrencies since October 2018.
The vulnerability which they dubbed “Fake Stake” allows an attacker with little or no stake on a network to crash any of the nodes by running a corresponding software. All PoS coins that utilize Bitcoin’s UTXO model and longest chain consensus rule are vulnerable to this attack since they do not “adequately validate network data” before committing RAM and disk space. What an attacker does is fill up a victim’s node with bogus data, thereby crashing it.
CryptoBridge in responding to the query of users on why they are disabling deposits and withdrawals pointed to the article by Decentralized Systems Lab. This may mean that some coins are under attack. Below is a screenshot of some of the coins that have been disabled on the exchange.