Detected “fatal error” in Dogecoin code and spread to 280 other blockchains

Blockchain security unit Halborn has discovered several critical flaws in Dogecoin’s source code, affecting 280 other networks and putting more than $25 billion at risk.

Detected “fatal error” in Dogecoin code and spread to 280 other blockchains

According to a report on March 13, security company Halborn, after an evaluation process, found 3 serious bugs in Dogecoin’s open source code and quickly patched them. However, when looking at the bigger picture, Halborn discovered that these vulnerabilities had spread to 280 similar networks.

The set of vulnerabilities is what Halborn calls “Rab13s”.

Specifically, the most severe vulnerability that Halborn researchers found involved a P2P network, where an attacker could manually generate consensus messages, send them to individual nodes, and shut them down. Go. From there, the network will be at risk of a “51% attack” due to the difference in the number of validating nodes.

The second vulnerability mentioned by Halborn is related to RPC, allowing an attacker to crash a node through RPC requests. However, this requires information authentication, which somewhat reduces the possibility of the entire network being affected.

Finally, the third vulnerability allows an attacker to execute code while the node is running via RPC. However, similar to vulnerability 2, the vulnerability of vulnerability 3 is relatively low because it requires authentication steps from node.

It is worth mentioning that “variants” of Rab13s have also been discovered in blockchain networks similar to Litecoin, Zcash or Horizen. The security unit said that due to source code base differences between networks, not all vulnerabilities can be exploited equally.

The source of some of the bugs found in the pre-existing Bitcoin Core code, Halborn revealed.

Halborn has attempted to contact affected networks for information about Rab13s. In response, Zcash confirmed that it has not been hacked, Litecoin on March 12 released a new update that fixed the bug, while Horizen also revealed that a fix will be available soon.

Additionally, Halborn is not disclosing more exploit details or technology at this time due to the severity of the problem.

Synthetic Kyptos

Stay in the Loop

Get the daily email from CryptoNews that makes reading the news actually enjoyable. Join our mailing list to stay in the loop to stay informed, for free.

Latest stories

- Advertisement - spot_img