More than 280 blockchains at risk of ‘zero-day’ exploits, warns security firm
280 or more blockchain networks are estimated to be at risk of “zero-day” exploits that could put at least $25 billion worth of crypto at risk, according to cybersecurity firm Halborn.
In a Mar. 13 blog, Halborn warned of the vulnerability it dubbed “Rab13s” — adding it has already worked with some blockchains, such as Dogecoin, Litecoin and Zcash, to institute a fix for it.
Halborn discovered massive #ZeroDay impacting Dogecoin and 280+ networks including Litecoin and Zcash, putting over $25 Billion of digital assets at risk!...
Halborn was contracted by Dogecoin in March 2022 to conduct a security review of its codebase and found “several critical and exploitable vulnerabilities.”
It later determined those same vulnerabilities “affected over 280 other networks” that risked billions of dollars worth of cryptocurrencies.
Halborn outlined three vulnerabilities, the “most critical” of which allows an attacker to “send crafted malicious consensus messages to individual nodes, causing each to shut down.”
3/ The most critical vulnerability discovered is related to peer-to-peer (p2p) communications where attackers can craft consensus messages and send it to individual nodes, taking them offline. Halborn researchers, led by @safe_buffer, have code-named this vulnerability #Rab13s.
It added these messages over time could expose the blockchain to a 51% attack where an attacker controls the majority of the network’s mining hash rate or staked tokens to make a new version of the blockchain or take it offline.
Other zero-day vulnerabilities it found would allow potential attackers to crash blockchain nodes by sending Remote Procedure Call (RPC) requests — a protocol allowing a program to communicate and request services from another.
7/
Read more on cointelegraph.com
