Close
One of the biggest threats to the development and use of digital assets is cryptocurrency exploits. The industry has seen significant losses over the years as a result of several attacks on cryptocurrency blockchains and related platforms.
Zero-day exploits have emerged as a significant and recurrent kind for malicious actors, despite the fact that assaults can take many various forms. This kind of hack takes use of flaws in the platforms’ and blockchains’ software.
According to a recent research from the security company Halborn, hundreds of blockchains are presently vulnerable to zero-day attacks.
Via a series of tweets, Halborn recently revealed its discovery of significant zero-day attacks targeted at several crypto blockchain networks. The “Rab 13s” software flaw was expected to affect over 280 networks, including Dogecoin, Zcash, Litecoin, and others.
The security company warned that the attack may cause the target networks to lose crypto assets valued more than $25 billion.
Dogecoin hired Halborn in March 2022 to examine its codebase’s security. Several serious and unpatched vulnerabilities on the Dogecoin network have been found, according to the security company. Moreover, Halborn stated that around 280 additional blockchain networks in the cryptocurrency sector have been affected by similar flaws.
Halborn noted a few software flaws on the exposed blockchain networks in a tweet. It should be noted that the networks’ primary flaw allows an exploiter to construct and broadcast malicious consensus messages to specific nodes. As a result, such an assault will cause the nodes to shut down automatically.
According to the security company, such messages might eventually lead to a 51% attack on the blockchain. The exploiter then had complete control over the majority of network activities, including hash rate mining and staked tokens. Even worse, the attacker may create a new blockchain or take the existing one offline.
It stated that in order to successfully address the technological flaws, it has made a good faith attempt to get in touch with the affected networks. It was mentioned that networks might also get in touch with them for ethical disclosures and answers on their services. For certain networks, like Dogecoin, it also suggested updating all UTXO-based nodes to the most recent version.
A security breach that targets software flaws in networks and systems is known as a zero-day exploit. Before the mitigating party intervenes, an exploiter would often look for and leverage software vulnerabilities for attacks.
There have been a number of zero-day vulnerabilities in the cryptocurrency and blockchain sectors in the past. Parity, a platform for smart contracts, suffered a loss of nearly $30 million in ether tokens in July 2017 due to a bug. In December 2017, hackers again targeted CryptoKittes and stole around $17 million worth of ETH in only two days.
The majority of the time, attackers trick consumers into providing their financial information by sending phishing emails or texts. The exploiter gains access to the user’s credentials and other crucial data for an attack as soon as the victim opens the message or clicks on forwarded links.
