Blockchain TechnologyData PrivacyData Breach in Blockchain Technology

December 29, 20210


The inception of blockchain technology has been a revolutionary change for the world at large. Blockchain, also referred to as Distributed Ledger Technology (DLT), uses decentralization and cryptographic hashing to ensure that the history of any digital asset is unalterable and transparent. Blockchain technology digitizes and distributes data across a network.

This innovative approach not only has a decentralized structure to it but also ensures trust, privacy and more individual control of the user. Thus, with these new age innovations and improvements in technology, things have become more accessible for the common man.

This is important because the amount of data available is expanding at an increasing rate. According to research, about 90% of the world’s data has been gathered in the last two years.

In order to understand blockchain technology better, a Google Doc may be used as an example. Rather than copying or transferring the document, we share it with a group of individuals and the document is distributed. As a result, everyone gets access to the document at the same time in a decentralized distribution chain.

The blockchain clearly is more intricate than a Google Doc, but the analogy is still useful for understanding.

Built-in safeguards, such as software-mediated contracts, cryptography and identity restrictions, are a part of blockchain technology. With this technology, the users can verify access, validate transaction records, and keep their data private in a distributed manner.


Despite these new measures and claiming to be ‘unhackable’, the blockchain sector has been plagued by security difficulties. The proliferation of blockchain networks has led to an increase in the number of hackers. According to several researches, decentralized financial breaches accounted for 76% of all significant hacks in 2021.

These financial breaches have resulted in a loss of over $1 billion in the third quarter of 2021. Additionally, there were 20% more blockchain related hacking incidents in the third quarter of 2021 than in the entire year of 2020.

Outsiders as well as insiders might be involved in attacks on blockchain-based systems. Several of these attacks relied on popular techniques, such as phishing, targeting coding mistakes, social engineering, or attacks on data in transit.


I. New technology leading to new exploitation tactics

Blockchain is no exception to the rule of new technology, bringing with them new tools and techniques of exploitation. An entirely new breed of cyber-threats is on the rise, utilising strategies that can be employed on blockchain networks.

  • Cryptojacking

The term “cryptojacking” refers to the practice of hijacking computers in order to mine cryptocurrencies. It is like supply chain assaults. The difference is that here exists a distributed nature of blockchain.

  • Rug Pull

An example of a rug pull is when an insider, such as a crypto developer, a hired influencer or a criminal gang creates buzz about a project before abandoning it and taking investors’ money. Over 1,300 ‘pump-and-dump’ operations have costed investors billions of dollars in 2021 alone.

  • Flash Loan

When smart contracts built to facilitate flash loans are targeted in order to drain assets elsewhere, this is referred to as a flash loan assault. These attacks take advantage of uncollateralized loans by manipulating smart contract inputs.

In April, 2021, staking and passive investment network ‘xToken’ was attacked using flash loans. Furthermore, the yield-bearing liquidity pools of ‘Synthetix (SNX)’ and ‘Bancor (BNT)’ were depleted by almost $24 million.

II. Focusing on human vulnerabilities

Rather than focusing on the technology, recent attacks against blockchain have focused on human vulnerabilities. For example, Bitfinex’s $73 million hack in 2016 was likely caused by a theft of cryptographic keys and secret digital signatures. In addition to this, endpoint vulnerabilities may also act as entry points for these hackers.

III. Varied structures and levels of blockchains

Architectures of blockchain networks vary widely, especially pertaining to various structures and components introduce security tradeoffs.

However, this heterogeneity is sometimes neglected in market discussions. For example, there is a difference between private and public blockchains in relation to the joining of known or unknown entities to the network and engaging in verification.

There are a wide range of security threats associated with different network setups. Several questions arise as a result of these various arrangements, such as: How is consensus reached? How do the users know whether they are dealing with the right person? How is the data that is in transit handled? Who or what motivates the miners?

It should be noted that there will be new ways to attack and defend against blockchain as the technology continues to advance in future.

IV. Skill shortage in cyber security

There is a critical scarcity of cybersecurity professionals. Even fewer cybersecurity specialists have blockchain experience or understand the new security dangers of the growing Web 3.0 decentralized economy, making this a more serious problem in the blockchain security sector.


  • WhaleFarm

In June 2021, as part of the latest heist in the industry, WhaleFarm, a Decentralized Finance project with an entirely anonymous workforce, stole more than $2 million from investors in a rug pull scam, in a matter of minutes.

  • Squid Game

Another example would be “Squid Game” inspired cryptocurrency token. “Squid Game” is a Netflix show which caught the attention of the world in the fourth quarter of 2021. The show through its crypto token caught people around the world off guard.

Before plunging to an all-time low price, it hit the price of $2,856. Soon after the plunge in its price, the creator of the token shut down the website after the big price plunge which made it a perfect crypto scam.

  • bZx

In November 2021, more than $55 million worth of cryptocurrency assets from a Decentralized Finance network called bZx has been stolen. The said platform allows the users to borrow, loan, and speculate on cryptocurrency price variations.

  • BitMart

In December 2021, BitMart, a cryptocurrency trading network disclosed that some malicious hackers’ stole funds worth estimated $150 million. Following this attack, Peckshield, a blockchain security firm estimated losses of about $200 million, which included $100 million on the Ethereum blockchain and $96 million on the Binance Smart Chain.


Non-fungible tokens, huge investment, and a resurgent market capitalization are just a few of the innovations that have ushered in 2021 in the blockchain sector. However, market fervor and engagement draw more than just the ardent adopters and the big headlines.

The aforementioned characteristics also reveal the expanding scope of current cybersecurity concerns as well as the new threats that decentralized systems might engage with. Even though the decentralized system is much more secure than a centralized system, it is not a foolproof system.

As we have seen above, data breach still happens in a decentralized system like blockchain.

The next-generation Web 3.0 presents the opportunity of not just empowering people through decentralization of governance in relation to technological, social and economic sectors but it is also about securing the whole system in a better manner.

Team AMLEGALS assisted by Ms. Pragya Dhanjika (Intern)

For any query or feedback, please feel free to get in touch with or

Leave a Reply

Your email address will not be published. Required fields are marked *

Current day month ye@r *

© 2020-21 AMLEGALS Law Firm in Ahmedabad, Mumbai, Kolkata, New Delhi, Bengaluru for IBC, GST, Arbitration, Contract, Due Diligence, Corporate Laws, IPR, White Collar Crime, Litigation & Startup Advisory, Legal Advisory.


Disclaimer & Confirmation As per the rules of the Bar Council of India, law firms are not permitted to solicit work and advertise. By clicking on the “I AGREE” button below, user acknowledges the following:
    • there has been no advertisements, personal communication, solicitation, invitation or inducement of any sort whatsoever from us or any of our members to solicit any work through this website;
    • user wishes to gain more information about AMLEGALS and its attorneys for his/her own information and use;
  • the information about us is provided to the user on his/her specific request and any information obtained or materials downloaded from this website is completely at their own volition and any transmission, receipt or use of this site does not create any lawyer-client relationship; and that
  • We are not responsible for any reliance that a user places on such information and shall not be liable for any loss or damage caused due to any inaccuracy in or exclusion of any information, or its interpretation thereof.
However, the user is advised to confirm the veracity of the same from independent and expert sources.