Eclipse attacks are a type of cyberattack where an attacker creates an artificial environment around one node, or user, which allows the attacker to manipulate the affected node into wrongful action. Crypto and web 3.0 assets are often targeted by eclipse attack attempts.
In an eclipse attack, a malicious actor isolates a specific user or node within a peer-to-peer (P2P) network.
The attacker’s goal is to obscure a user’s view of the P2P network in preparation for more complex attacks or to cause general disruption with the purpose of discrediting a project or an institution. Eclipse attacks can only be performed on blockchain nodes that accept incoming connections from other nodes, and not all nodes accept incoming connections.
In a bitcoin network, for example, there are by default a maximum of 117 incoming TCP connections and 8 outgoing TCP connections. According to Gemini, in an eclipse attack, the attacker attempts to redirect the target user’s inbound and outbound connections away from its legitimate neighboring nodes to attacker-controlled nodes, thereby sealing off the target in an environment that’s entirely separate from the actual network activity. This process of replacing the visibility of real nodes with fake attacker-controlled ones is what gives the attack the ‘eclipse’ moniker.
If you have any other questions please feel free to reach out to us using the contact us page.Customer Support