论文标题
贵族软件:利用智能合同漏洞以获取乐趣和利润
Extorsionware: Exploiting Smart Contract Vulnerabilities for Fun and Profit
论文作者
论文摘要
已证明在区块链上公开部署的智能合约(SCS)包括多个漏洞,用户可以恶意利用这些漏洞。在本文中,我们提出了否定软件,这是一项新颖的攻击,利用了脆弱的SC的公共性质,以控制受害者的SC资产。由于获得了SC的控制权,攻击者迫使受害者付出代价,以重新获得对SC的独家控制。
Smart Contracts (SCs) publicly deployed on blockchain have been shown to include multiple vulnerabilities, which can be maliciously exploited by users. In this paper, we present extorsionware, a novel attack exploiting the public nature of vulnerable SCs to gain control over the victim's SC assets. Thanks to the control gained over the SC, the attacker obliges the victim to pay a price to re-gain exclusive control of the SC.
