More than 280 blockchains are at great risk, security company warns

More than 280 blockchain networks are at risk of abuse, putting at least $25 billion worth of crypto at risk.

A zero day exploit

According to cybersecurity firm Halborn, more than 280 blockchain networks are at risk of “zero-day” exploits, potentially putting at least $25 billion worth of crypto at risk.

In a blog post of March 13, Halborn warned about the vulnerability it called “Rab13s.” He added that he has already worked with some blockchains to find a solution.

Halborn said it was contracted in March 2022 to conduct a security assessment of Dogecoin’s codebase. In doing so, he indicated that he had found several critical and exploitable vulnerabilities.

It later determined that the same vulnerabilities “affected more than 280 other networks” risking billions of dollars worth of cryptocurrencies.

Halborn outlined three vulnerabilities, the most critical of which could allow an attacker to send malicious consensus messages to individual nodes, shutting them all down.

Adding these messages over time could expose the blockchain to a 51% attack rate. In this case, an attacker controls most of the network’s hash rate or staked tokens to create a new version of the blockchain or take it offline.

Read Also:  FTX scandal: Up to 50 years in prison demanded against Sam Bankman-Fried

Other zero-day vulnerabilities would allow potential exploits to crash blockchain noded by sending Remote Procedure Call (RPC) requests. This is a protocol that allows one program to communicate and request services from another.

It added that the likelihood of RPC-related exploits was lower. This is because valid credentials are required to run the exploit.

Due to differences in the codebase between the networks, not all vulnerabilities can be exploited on all networks. However, at least one of them can be exploited on any network.

– Halborn

Fixing vulnerabilities

The company said it would not release any further technical details of the exploits at this time due to its severity. It added that it has attempted to contact all parties involved to expose the potential exploits and fix the vulnerabilities.

Dogecoin, Zcash and Litecoin have already implemented patches for the discovered vulnerabilities. However, according to Halborn, hundreds could still be uncovered.

Recent Articles

Related News

Leave A Reply

Please enter your comment!
Please enter your name here