Stony Brook Researchers Uncover New Cybersecurity Risks in Blockchain, Win Bronze at eCrime 2024

Muzammil presents at eCrime Boston 2024

Stony Brook University researchers have revealed a new type of vulnerability in blockchain technology, focusing on how cybercriminals can exploit human error in blockchain naming systems. The research, led by Professor Nick Nikiforakis from the Department of Computer Science, earned a bronze medal at eCrime 2024 in Boston for their paper, "Typosquatting 3.0: Characterizing Squatting in Blockchain Naming Systems."

PhD student Muhammad Muzammil, the study's lead author, explained how these vulnerabilities pose significant risks to users. Typosquatting, a deceptive practice that targets minor spelling errors in domain names, is now being applied to blockchain. This can lead to financial losses and compromised digital assets. 

"Our research shows that as blockchain technology evolves, it also introduces new opportunities for malicious actors. A single typo in Blockchain Name Systems can result in cryptocurrency losses of the equivalent of thousands of dollars," said Nikiforakis, head of the PragSec Lab at Stony Brook. 

The study analyzed millions of blockchain names and transactions across multiple platforms. The team uncovered a sharp rise in malicious domain registrations designed to mimic legitimate blockchain users. These typo domains exploit both high-profile names and lesser-known ones, deceiving users into sending cryptocurrency to attackers instead of other users. The team’s findings offer crucial insights into how users and developers can safeguard their assets in the increasingly complex blockchain ecosystem.

Professor and chair of the Department of Computer Science, Samir Das, highlighted the importance of this work. "The team's findings contribute to a deeper understanding of cybersecurity risks and reinforce the need for stronger protections in emerging digital ecosystems. In this new area of cryptocurrencies and Web3, finding ways to safeguard our online interactions is crucial."

This recognition marks another milestone for Nikiforakis’s lab, which has previously earned accolades including the Best Scientific Cybersecurity Paper award by the National Security Agency and Distinguished Paper Awards at multiple conferences. As blockchain technology continues to reshape the digital economy, Stony Brook researchers are playing a vital role in ensuring its security. Their efforts underline a broader mission: to build safer, more resilient digital systems for the future.

 

-By Yuganshu Jain