A new Bitcoin mining attack breaks the rules of the game

Credit: Unsplash+.

Bitcoin has long been hailed as secure by design.

Its system relies on proof-of-work puzzles, which demand enormous computing power to add each new block to the blockchain.

But when miners pool their computing power together to share rewards more evenly, they create vulnerabilities.

Today, more than 80% of all Bitcoin mining happens through just a handful of open pools, making them tempting targets for attackers.

Over the years, researchers have uncovered several attacks that exploit weaknesses in pooled mining.

Strategies such as Block Withholding (BWH), Fork After Withholding (FAW), Power Adjusting Withholding (PAW), and Fork Withholding under a Protection Racket (FWAP) allow infiltrators to manipulate rewards by withholding blocks or forcing forks.

However, there has always been a catch: when multiple pools attack each other, they all end up worse off. This stalemate, known as the “miner’s dilemma,” has been considered an unavoidable feature of pooled mining.

A new study led by Professor Zhou Jianying from the Singapore University of Technology and Design (SUTD), in collaboration with researchers from China, challenges that long-standing assumption.

Their work, presented at the ACM Asia Conference on Computer and Communications Security, introduces a new strategy called Infiltrated Selfish Mining (ISM). Unlike earlier attacks, ISM creates a way for multiple attackers to profit at the same time, overturning the miner’s dilemma.

The core idea of ISM is simple but powerful. When an infiltrator in a pool discovers a valid proof-of-work block—called an infiltration block—they do not publish it right away. Instead, they use it as a private foundation to try to mine another block secretly.

If they succeed, they release the first block to the pool and quickly follow with the secret block. Both are accepted by the blockchain, giving the attacker double rewards: one from their private block and a shared payout from the pool.

If the second block fails, the withheld block can still be used to trigger a fork, similar to older attacks.

The key difference is that ISM provides a guaranteed one-block lead, ensuring attackers can collect rewards without the risky gamble of constant forks.

This transforms the economics of mining. The researchers showed that ISM allows two or more attacking pools to profit simultaneously—a Nash equilibrium in which everyone wins, something never proven possible before in Bitcoin mining.

Quantitative analysis revealed that ISM can be highly profitable. Under certain conditions, it delivers up to 1.5 times more rewards than FAW, without the complexity of PAW’s constant rebalancing or the protection-racket features of FWAP. Its simplicity makes it both practical and concerning.

The implications are troubling for the Bitcoin ecosystem. With ISM, even smaller pools may be tempted to attack because the risk of losses is lower.

Honest miners, meanwhile, could see their rewards shrink, pushing them toward larger pools and accelerating centralization. Over time, this kind of infiltration could erode trust in open pools and distort the fairness of the network—even if no obvious forks appear on the blockchain.

“This attack surface expansion is what makes ISM dangerous,” said Prof. Zhou. “It’s not just big pools that might use it. Smaller pools could be drawn in as well, eating into honest miners’ revenues and destabilizing the system.”

The researchers also explored possible defenses. They propose requiring miners to post deposits, which can be forfeited if withheld blocks are detected.

Combined with better stale-block monitoring, this method could eliminate ISM’s profit margin. Because these measures can be enforced at the pool level without changing the Bitcoin protocol, they are seen as practical options.

Still, the arms race may intensify. The team warns that artificial intelligence could help attackers fine-tune their strategies, adjusting infiltration in real time for maximum gains. The Bitcoin community will need stronger defenses, coordinated monitoring, and network protections to keep pace.

As Prof. Zhou put it, “Our work shows how a small twist in strategy can change the entire equilibrium of Bitcoin mining. The challenge now is to anticipate the next twist—and prepare defenses before it takes hold.”