Watch out! Over 280 Blockchain Networks Put $25B+ in Assets at Risk for Zero-Day Exploits – Report
- The identified blockchain vulnerabilities codenamed Rab13s are related to peer-to-peer (P2P) network communication.
- Halborn has clarified that not all of the identified vulnerabilities can be exploited on all blockchains due to the differences in the underlying source codes.
A blockchain cybersecurity startup that raised $90 million in Series A in the middle of last year’s bear market, Halborn, has identified several critical and exploitable vulnerabilities affecting over 280 blockchains, including Litecoin and Zcash. As a result, Halborn has warned that over $25 billion in the digital asset industry is at risk of attack. According to Halborn researchers, the critical and exploitable vulnerabilities were found during a Dogecoin network check, which the team was contracted to evaluate. However, the Halborn team has indicated that the Dogecoin team has since fixed the vulnerabilities.
In particular, the identified blockchain vulnerabilities codenamed Rab13s are related to peer-to-peer (P2P) network communication. As such, a network attacker can affect individual blockchain nodes and bring them down through a DDOS. Halbon researchers noted.
The most critical vulnerability discovered is related to peer-to-peer (p2p) communication, attackers can create consensus messages and send them to individual nodes and take them offline… An attacker can scan the network peers using getaddr messages and attack unupdated nodes.
However, Halborn has clarified that not all of the identified vulnerabilities can be exploited on all blockchains due to the differences in the underlying source codes. Holborn added.
Due to codebase differences between the networks, not all vulnerabilities can be exploited on all networks, but at least one of them can be exploited on each network. On vulnerable networks, successful exploitation of the relevant vulnerability can lead to a denial of service or remote code execution.
Halbon sets the path forward for the identified blockchains
The Halborn team successfully developed an exploitation kit for Rab13s that includes a proof of concept with configurable parameters to demonstrate the attacks on different networks. As such, the Halborn team has shared the results with the necessary stakeholders to make network changes and avoid a crypto meltdown.
In addition, the Halborn team indicated that the technical details of Rab13s will not be made public due to the seriousness of the matter. According to the Halborn researchers, led by senior offensive security engineer Hossam Mohamed, all affected networks have been contacted in good faith. Nevertheless, the affected networks are encouraged to contact the Halborn team for further assistance on how to correct the vulnerabilities.
No spam, no lies, just insight. You can unsubscribe at any time.
The zero-day vulnerabilities could cripple the blockchain industry in enormous severity and induce a fresh bear market, perhaps worse than last year. Also, most blockchains have developed interoperable communication that can be exploited through zero-day vulnerabilities.
In particular, most of the identified vulnerabilities have a lower probability of occurring due to the validity required by the blockchains. As such, the Halborn team believes that only the softest parts of the blockchains are the nodes, which offer the possibility of a 51 percent attack.
Crypto News Flash does not endorse and is not responsible or liable for the content, accuracy, quality, advertising, products or other materials on this site. Readers should do their own research before taking any action related to cryptocurrencies. Crypto News Flash is not responsible, directly or indirectly, for any damages or losses caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned.