Security firm warns of ‘zero-day’ exploits threatening over 280 blockchains.
At least $25bn worth of cryptocurrencies are at risk of theft due to zero-day vulnerabilities in more than 280 blockchain networks, according to cybersecurity firm Halborn. The vulnerability, dubbed “Rab13s”, could allow attackers to send malicious consensus messages that would cause individual nodes to shut down. Researchers at Halborn warned that given time, these messages could expose the blockchain to a 51% attack, potentially leading to new versions of the blockchain or even taking it offline. While not all the vulnerabilities are exploitable on all affected networks, Halborn warned at least one of them may be exploitable on each network.
These vulnerabilities have already affected Dogecoin, which contracted Halborn last year to conduct a code security review. Halborn discovered critical vulnerabilities in Dogecoin’s codebase that also affected the other networks. Dogecoin, Litecoin and Zcash have already implemented fixes for the vulnerabilities, however, many other blockchains could still be exposed to the risk. The severity of the exploits is such that Halborn has not released further technical details of the vulnerabilities. The company has made a “good faith effort” to contact all affected parties to disclose the potential exploits and provide remediation for the vulnerabilities.
About The Author
