Bankless Times
Cybersecurity Experts: 280+ Blockchains are Flawed, Risk Losing $25B
HomeNewsCybersecurity Experts: 280+ Blockchains are Flawed, Risk Losing $25B

Cybersecurity Experts: 280+ Blockchains are Flawed, Risk Losing $25B

Top News
Daniela Kirova
Daniela Kirova
March 14th, 2023
Why trust us
Advertiser Disclosure
  • Halborn identified critical vulnerabilities of Dogecoin, Litecoin, Zcash
  • Attacker can take blockchains offline or even make new versions of them

Almost 300 blockchain networks risk losing $25 billion or more in crypto assets due to “zero-day” exploits, warned Halborn, a cybersecurity firm.

In a blog post published on March 13, they wrote they had been hired to assess the Dogecoin open source code for any weaknesses that might impact the blockchain’s security. Halborn identified a number of exploitable and critical vulnerabilities, which the Dogecoin team since fixed.

Following a wider evaluation, the cybersecurity firm found the same vulnerabilities also affected Zcash, Litecoin, and 280 other blockchain networks, jeopardizing more than $25 billion in crypto.

Rab13s: the most critical flaw

Halborn named the most critical flaw Rab13s. It enables exploiters to send individual nodes specially designed malicious consensus messages, which make the node collapse.

If these messages accumulate, the blockchain could become vulnerable to a 51% attack, where an exploiter controls most of the tokens staked on the network or its mining hash rate. This is enough to take the blockchain offline or even make a new version of it.

Crashed blockchain nodes and other vulnerabilities

Halborn also found other vulnerabilities, like the possibility of cybercriminals sending Remote Procedure Call (RPC) requests to crash blockchain nodes. RPCs allow programs to provide and request services from each other.

At least one element per network is exploitable

The firm added that RPC-related attacks weren’t as likely because they required valid credentials. They warned that at least one vulnerability per network was exploitable, but assured not all networks were exploitable due to codebase differences.

Halborn is not releasing any more technical details of the attacks at this time due to their severity, but assure they are making an effort to get in touch with all entities affected. They intend to disclose the risks and offer remedies of the flaws.

Dogecoin, Litecoin, and Zcash blockchains have taken measures to eradicate the flaws discovered, but hundreds might remain exposed, the firm said.

Contributors

Daniela Kirova
Daniela Kirova
Writer
Daniela is a writer at Bankless Times, covering the latest news on the cryptocurrency market and blockchain industry. She has over 15 years of experience as a writer, having ghostwritten for several online publications in the financial sector.