untitled design

Nearly 300 Blockchains Found Fatal Zero-Day Vulnerability

Analysts at IT firm Halborn have discovered critical vulnerabilities in nearly 300 blockchain networks, including Litecoin.

Over 280 blockchains are vulnerable to a zero-day exploit*. About it on your website reported Halborn researchers. The firm first found a vulnerability in the Dogecoin blockchain in March 2022. The hole was patched, but later researchers found similar flaws in hundreds of blockchains, including Litecoin and Zcash. According to experts, attackers can steal up to $25 billion by conducting a zero-day attack.

  • Day Zero is a term used to describe newly discovered vulnerabilities. Such exploits pose a serious security risk, as there may not be a patch available to address them.

The vulnerability, codenamed Rab13s, involves peer-to-peer transfers between cryptocurrency wallets. It turned out that attackers can disconnect nodes (validators / miners) from the network with just one transaction with malicious code. By disabling enough nodes, a hacker can pull off a 51% attack. In addition to infected transactions, hackers can shut down a node using RPC messages. However, to carry out such an attack, the node must have extensive access rights, which immediately narrows the scope of the attack.

Halborn admits that there is no universal approach to infect all networks with one script due to the different architecture of blockchains. However, individually, each network is still vulnerable to Rab13s attacks, the analysts added. Halborn called on Dogecoin network validators to update their nodes to version 1.14.6. Analysts refused to publish technical details of the vulnerabilities due to the high level of threat to networks.

In February 2023, analysts at venture capital firm Jump Crypto discovered a series of critical vulnerabilities related to the issuance of tokens on BNB Chain (formerly Binance Smart Chain). Binance acknowledged the existence of the exploit and later announced a fix for the vulnerability. Representatives of the exchange said that such vulnerabilities are critical for the Web3 industry, and the head of Binance, Changpeng Zhao, thanked the researchers for finding the hole.

Source: Cryptocurrency

You may also like

Most popular