Hacking is one of the most pervasive threats to the growth and acceptance of cryptocurrency. Over the years, the sector has incurred (1) substantial losses through many vulnerabilities in crypto blockchain systems & related platforms.
While there are many varieties of cyberattacks, zero-day flaws have risen to prominence as a preferred method of attack. The software flaws of cryptocurrency blockchains and platforms are the target of this kind of exploit.
In a recent analysis, security firm Halborn found that many blockchains are vulnerable to zero-day vulnerabilities.
Several Serious Vulnerabilities On The Blockchains Discovered
Through a string of tweets, the security firm Halborn recently discovered numerous zero-day flaws aimed at different blockchain networks for cryptocurrencies. The “Rab 13s” software flaw was expected to affect more than 280 networks, including Dogecoin, Zcash, Litecoin, etc.
The security firm estimated that the potential loss of digital currencies from affected networks might exceed $25 billion due to the exploit.
Dogecoin hired Halborn in March of 2022 to conduct a security review of its code. According to the security firm, numerous serious and unpatched holes were found in the Dogecoin network.
???? Halborn discovered massive #ZeroDay impacting Dogecoin and 280+ networks including Litecoin and Zcash, putting over $25 Billion of digital assets at risk!
— Halborn (@HalbornSecurity) March 13, 2023
Halborn reported (1) that those comparable flaws had compromised more than 280 additional blockchain systems in the crypto business.
Halborn warned of software flaws in the vulnerable blockchain networks in a Twitter post. Particularly, the fundamental flaw in the networks enables an exploiter to produce and broadcast malicious consensus announcements to individual nodes. As a result, the nodes will shut down immediately upon detection of such an assault.
As the security firm put it, such messages might eventually lead to a 51% attack on the blockchain. Hence, the exploiter would have complete authority over most network functions, including mining hashrate and staked tokens. The attacker may even be able to create a fork of the blockchain or put it out of commission.
It acknowledged that it had made a good-faith effort to contact and cooperate with the affected networks to address the technical issues.
The document also clarified that the networks could make disclosures and find remedies as appropriate for their offerings. Furthermore, it suggested updating all UTXO-based nodes to the most recent version for certain networks like Dogecoin.
The Consequences of the Zero-Day Crypto Exploit
A zero-day vulnerability is a previously undetected security flaw that can be used to compromise an entire network. As a rule, an exploiter will look for, and leverage software flaws in assaults before the mitigating party comes in.
There have been multiple zero-day exploits in the history of the cryptocurrency and blockchain sectors. Parity, a platform for creating smart contracts, had almost $30 million worth of Ethereum tokens stolen from them in July 2017. In addition, hackers stole around $17 million worth of ether from CryptoKittes in December 2017.
Attackers commonly use phishing emails and texts to access victims’ financial information. The recipient’s credentials and other sensitive information will be accessible to the exploiter once the message is opened or the links are clicked.