1. Home
  2. patch

patch

More than 280 blockchains at risk of ‘zero-day’ exploits, warns security firm

Dogecoin, Zcash and Litecoin have already patched the “critical” vulnerability, but hundreds of others may not have, risking billions’ worth of crypto.

More than 280 blockchain networks are at risk of “zero-day” exploits that could put at least $25 billion worth of crypto at risk, according to cybersecurity firm Halborn.

In a March 13 blog post, Halborn warned of the vulnerability it dubbed “Rab13s” — adding it has already worked with some blockchains, such as Dogecoin, Litecoin and Zcash, to institute a fix for it.

Halborn said it was contracted in March 2022 to conduct a security review of Dogecoin’s codebase and found “several critical and exploitable vulnerabilities.”

It later determined those same vulnerabilities “affected over 280 other networks” that risked billions of dollars worth of cryptocurrencies.

Halborn outlined three vulnerabilities, the “most critical” of which allows an attacker to “send crafted malicious consensus messages to individual nodes, causing each to shut down.”

It added these messages over time could expose the blockchain to a 51% attack where an attacker controls the majority of the network’s mining hash rate or staked tokens to make a new version of the blockchain or take it offline.

Other zero-day vulnerabilities it found would allow potential attackers to crash blockchain nodes by sending Remote Procedure Call (RPC) requests — a protocol allowing a program to communicate and request services from another.

It added the likelihood of RPC-related exploits was lower as it requires valid credentials to undertake the attack.

“Due to codebase differences between the networks not all the vulnerabilities are exploitable on all the networks, but at least one of them may be exploitable on each network,” Halborn warned.

Related: Jump Crypto and Oasis.app ‘counter exploits’ Wormhole hacker for $225M

The firm said at this time it’s not releasing further technical details of the exploits due to their severity and added it made a “good faith effort” to contact all affected parties to disclose the potential exploits and provide remediation for the vulnerabilities.

Dogecoin, Zcash and Litecoin have already implemented patches for the discovered vulnerabilities, but hundreds could still be exposed, according to Halborn.

Prediction Markets Give Trump the Edge on Election Day

Terra Blockchain Temporarily Stops Block Production, Aims to Restart Network With a Patch

Terra Blockchain Temporarily Stops Block Production, Aims to Restart Network With a PatchAt 12:14 p.m. (ET), the Twitter account operated by the Terra team announced that the Terra blockchain network had been halted. According to the Terra developers’ tweet, Terra validators needed to apply a patch to further disable delegations. ** This post was updated at 3:00 p.m. (ET) to reflect the fact that the Terra blockchain […]

Prediction Markets Give Trump the Edge on Election Day

An In Depth Look at Bitcoin’s First Chain Split: Satoshi Helps Reverse the Creation of 184 Billion BTC

An In Depth Look at Bitcoin’s First Chain Split: Satoshi Helps Reverse the Creation of 184 Billion BTCSince January 3, 2009, the Bitcoin network has been functional for 99.98662952015% of the time. However, the protocol has had a few hiccups along the way and on a few occasions, the chain split into two. Most people are well aware of the Bitcoin Cash split that took place on August 1, 2017, but the […]

Prediction Markets Give Trump the Edge on Election Day