Monero Creator Ricardo Spagni reported the sibyl attack on the cryptocurrency network. According to Spagni, the attackers used the new method, but their attack was ineffective and did not affect transactions, nor could it disrupt the privacy mechanisms.
The organizers of the attack tried to match the IP addresses of the nodes transmitting transactions. Fortunately, in April, as part of the Dandelion++ package, Monero developers added the "hide" function, which prevents deanonymization of transactions due to interference in the node communication process.
"Dandelion++ works by randomly "scattering" transaction transfers. This means that in order to link transactions to the node's IP addresses through the Sybil attack, you will need to intercept it from the very first node, " Spagni explained.
He also noted that in this case, the attackers did not have the tools that would allow them to overcome the protection of Dandelion++. However, even if they launched thousands of nodes, they still would not be able to violate the privacy of transactions, he says.
The attack did not affect users who use lightweight nodes, such as MyMonero, as well as Tor/i2p or VPN and remote nodes.
"However, we did learn a valuable lesson, as sibyl nodes also tried to disrupt the flow of transactions by not transmitting them, and node synchronization by delaying blocks. Thus, the latest release of Monero 0.17.1.3 is well suited for working with malicious nodes," he added.
Spagni advised users, including bitcoin, who are concerned about Sybil attacks, to run their nodes via Tor.