11-22-2024
BSV
$69.02
Vol 205.82m
-6.22%
BTC
$99126
Vol 104055.81m
2.36%
BCH
$496.71
Vol 2241.61m
4.09%
LTC
$91.06
Vol 1465.45m
5.62%
DOGE
$0.39
Vol 10230.19m
2.18%
Getting your Trinity Audio player ready...

A vulnerability that dates back to last March is still present in over 280 blockchain networks, including Litecoin (NASDAQ: LTC) and Zcash, potentially putting over $25 billion worth of digital assets at risk, a cybersecurity firm has revealed.

In a report this week, security researchers from Halborn revealed they first discovered the vulnerability after being contracted to audit Dogecoin’s (NASDAQ: DOGE) open-source codebase in March 2022. The DOGE team has since then fixed the vulnerability, which the Halborn team code-named Rab13s.

“However, after a broader review, Halborn determined that the same vulnerabilities affected over 280 other networks, including Litecoin and Zcash, putting over $25 billion of digital assets at risk,” Rob Behnke, the co-founder and CEO of Halborn says.

Behnke adds that his team found multiple vulnerabilities inside the open-source code for blockchain networks with a similar codebase to DOGE, including Litecoin and Zcash. Successful exploitation of the vulnerability relevant to each network could allow the hackers to launch a denial of service or remote execution attack.

Halborn further pointed out that attackers could shut down individual nodes by exploiting the vulnerability, exposing the networks to a 51% attack.

The company has developed an exploit kit for Rab13s that developers can leverage to demonstrate the attacks on different networks. It also shared all the necessary technical information with the relevant stakeholders to assist them in fixing the vulnerability.

Due to the severity of the issues and the possible ramifications, Halborn says it’s not releasing further technical or exploit detail currently.

The revelation comes at a time when hackers have stolen nearly $200 million from DeFi protocol Euler Finance, the largest hack in 2023. The attackers exploited a vulnerability in the protocol’s code, leveraging a flash loan from Aave to execute a series of transactions that exposed the protocol’s security deficiencies.

Watch: Dr. Craig Wright’s keynote speech on Cloud Security, Overlays & Blockchain

Recommended for you

Upbit’s license renewal in limbo; Hong Kong tightens VASP rules
South Korea is uncertain whether Upbit will have its license renewed due to possible KYC breaches; elsewhere, Hong Kong advises...
November 22, 2024
BIT Mining hit with $10M fine over bribery charges
In its previous existence as a casino and sports lottery firm, BIT Mining reportedly paid $2 million in bogus consultation...
November 21, 2024
Advertisement
Advertisement
Advertisement