SNEAK PEEK
- Litecoin, Dogecoin, and Zcash have mended the critical vulnerability.
- Hundreds of other crypto have not patch the vulnerability, which puts crypto worth billions at risk.
- The attack needs a valid credential to take place, which is why the chances of the exploit are quite low.
Halborn, a cybersecurity company, has disclosed that 280 plus blockchain networks are at risk of “zero-day” attacks that could put crypto worth $25 billion at risk.
The company shared a blog on March 13 to warn about the vulnerability it referred to as “Rab13s.” It further mentioned already working with certain blockchains, like Litecoin, Dogecoin, and Zcash, to establish a solution for it.
🚨 Halborn discovered massive #ZeroDay impacting Dogecoin and 280+ networks including Litecoin and Zcash, putting over $25 Billion of digital assets at risk!
🧵👇…
— Halborn (@HalbornSecurity) March 13, 2023
In March 2022, Halborn was contracted to carry out a security review of the codebase of Dogecoin and discovered many serious and exploitable vulnerabilities. Later, it calculated that the same vulnerabilities created an impact on around 280 other networks, thus risking cryptocurrencies worth billions of dollars.
Three vulnerabilities were mentioned by Halborn, and the most dangerous among them enables an attacker to “send crafted malicious consensus messages to separate nodes to make each one of them shut down.”
2/ During the assessment, it was found that the same vulns affected over 280 other networks including #litecoin and #zcash, which have since then been addressed and patched.
— Halborn (@HalbornSecurity) March 13, 2023
With time, these messages could expose the blockchain to a 51% attack in which an attacker governs most of the mining hash rate or staked tokens of a network to create a blockchain’s new version or take it offline.
Regarding other found zero-day vulnerabilities, it was discovered that they would enable potential attackers to slam blockchain nodes by sending RPC, or remote procedure call, requests.
6/ 🤔 What are the consequences?
👉 Firstly, vulnerabilities were found in the p2p messaging mechanisms. Malicious consensus messages can be sent to each node, causing them to shut down and exposing the network to severe risks like 51% attacks.
— Halborn (@HalbornSecurity) March 13, 2023
The probability of RPC-based attacks was low since they needed valid credentials to be conducted.
Adding more to the warning, Halborn said that owing to codebase differences among the networks, not every vulnerability is exploitable on every network. However, at least one of them might be exploitable on all networks.
The company didn’t share more technical information related to the attacks owing to their extremity. It also added that a “good faith effort” was made to contact all parties that were impacted so as to reveal potential attacks and offer remedies for vulnerabilities.
Bitcoin, Dogecoin, and Zcash have imposed patches for the identified vulnerabilities, though hundreds are still possible to be exposed.
- SEO Powered Content & PR Distribution. Get Amplified Today.
- Platoblockchain. Web3 Metaverse Intelligence. Knowledge Amplified. Access Here.
- Source: https://investorbites.com/halborn-warns-280-plus-blockchains-are-at-risk-of-zero-day-exploits/