- The identified blockchain vulnerabilities code-named Rab13s are related to peer-to-peer (P2P) network communications.
- Halborn has clarified that not all the identified vulnerabilities are exploitable on all blockchains due to the differences in the underlying source codes.
A blockchain cybersecurity startup that raised $90 million in Series A amid last year’s bear market, Halborn, has identified several critical and exploitable vulnerabilities affecting over 280 blockchains, including Litecoin and Zcash. As a result, Halborn has warned over $25 billion in the digital asset industry is at risk of attack. According to Halborn researchers, the critical and exploitable vulnerabilities were found during a Dogecoin network checkup, which the team was contracted to evaluate. However, the Halborn team has indicated that the Dogecoin team has since fixed the vulnerabilities.
Notably, the identified blockchain vulnerabilities code-named Rab13s are related to peer-to-peer (P2P) network communications. As such, a network attacker could affect individual blockchain nodes and bring them down through a DDOS. Halbon researchers noted.
The most critical vulnerability discovered is related to the peer-to-peer (p2p) communications, attackers can craft consensus messages and send it to individual nodes and taking them offline….. An attacker can crawl the network peers using getaddr message and attack the unpatched nodes.
However, Halborn has clarified that not all the identified vulnerabilities are exploitable on all blockchains due to the differences in the underlying source codes. Holborn added.
Due to codebase differences between the networks, not all the vulnerabilities are exploitable on all the networks, but at least one of them may be exploitable on each network. On vulnerable networks, successful exploitation of the relevant vulnerability could lead to denial of service or remote code execution.
Halbon Sets Way Forward for the Identified Blockchains
The Halborn team successfully developed an exploit kit for Rab13s that includes a proof of concept with configurable parameters to demonstrate the attacks on different networks. As such, the Halborn team has shared the results with the necessary stakeholders to make network changes and avoid a crypto meltdown.
Additionally, the Halborn team indicated that the technical details on the Rab13s will not be made public due to the severity of the matter. According to the Halborn researchers, led by Senior Offensive Security Engineer Hossam Mohamed, all affected networks have been contacted in good faith. Nonetheless, the affected networks are encouraged to contact the Halborn team for further assistance on how to patch the vulnerabilities.
No spam, no lies, only insights. You can unsubscribe at any time.
The zero-day vulnerabilities could cripple the blockchain industry in huge severity and induce a fresh bear market, perhaps worse than last year. Moreover, most blockchains have developed interoperable communications that could be exploited through zero-day vulnerabilities.
Notably, most of the identified vulnerabilities have a lower likelihood of taking place due to the validity required by the blockchains. As such, the Halborn team believes only the softest sections of the blockchains are the nodes, which present the possibility of a 51 percent attack.
Crypto News Flash does not endorse and is not responsible for or liable for any content, accuracy, quality, advertising, products, or other materials on this page. Readers should do their own research before taking any actions related to cryptocurrencies. Crypto News Flash is not responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods, or services mentioned.
Read More: www.crypto-news-flash.com