Research Discovers Critical Bug Affecting Litecoin, ZCash, Dogecoin, and Other Networks
Blockchain security firm Halborn has discovered vulnerabilities in the networks of more than 280 cryptocurrencies, including Litecoin and Zcash, putting more than $25bn of digital assets at risk. Halborn discovered “Rab13s”, in peer-to-peer communications, which would allow attackers to send messages to individual nodes and take them offline. Zero-day vulnerabilities were detected which were uniquely related to Dogecoin, such as an RPC Remote code execution vulnerability affecting individual miners. Halborn believes the extreme simplicity of the vulnerabilities makes such a target more likely. Several variants of these zero-days were discovered in similar blockchain networks. Successful exploitation of each bug could lead to denial of service or remote code execution. Exploits have been developed of Rab13s, which include a proof of concept demonstrating attacks on various other networks. Halborn confirmed it had shared all necessary details with stakeholders, as well as releasing relevant patches for the community and miners.