Cryptocurrency exploits have become one of the growing menaces against the advancement and adoption of digital assets. Over the years, the industry has suffered huge losses through several exploits on crypto blockchains and related platforms.
Though the attacks come in different forms, zero-day exploits have become a prominent and recurring type for bad actors. This type of exploit preys on the vulnerabilities within the software of crypto blockchains and platforms.
A recent report from a security firm, Halborn, reveals that hundreds of blockchains are currently at risk of zero-day exploits.
Some Major Vulnerabilities On The Blockchains Revealed
Recently, Halborn disclosed its discovery of massive zero-day exploits targeted against several crypto blockchain networks through a series of Twitter posts. The software vulnerability, tagged “Rab 13s” was set to impact over 280 networks such as Dogecoin, Zcash, Litecoin, and others.
The security firm noted that the exploit might lead to a possible loss of more than $25 billion worth of crypto assets from the target networks.
In March 2022, Dogecoin contracted Halborn for a security audit of its codebase. The security firm mentioned discovering many critical and open vulnerabilities on the Dogecoin network. Also, Halborn reported that those similar vulnerabilities had impacted more than 280 other blockchain networks in the crypto industry.
In its Twitter post, Halborn highlighted some software vulnerabilities on the exposed blockchain networks. Notably, the major loophole on the networks enables an exploiter to create and send malicious consensus messages to individual nodes. Hence, such an attack will trigger an auto shutdown of the nodes.
The security firm stated that such messages might cause the blockchain to suffer a 51% attack over time. Subsequently, the exploiter could control most operations on the network, like the mining hash rate or staked tokens. The attacker could even take the blockchain offline or develop a new version.
It noted that it had made a reasonable faith effort in contacting the impacted networks to combat the technical lapses effectively. It noted that the networks could also reach out for responsible disclosures and resolutions for their services. Also, it recommended an upgrade of all UTXO-based nodes to the latest version for some networks like Dogecoin.
Zero-Day Exploit And Its Impacts On Crypto
Zero-day exploit is a security attack that targets software vulnerabilities on systems and networks. Usually, an exploiter will seek and use software vulnerabilities for attacks before the mitigation party steps in.
The crypto and blockchain industries have witnessed several zero-day exploits in the past. A smart contract platform, Parity lost over $30 million worth of Ether tokens in July 2017 through an exploit. Hackers also attacked CryptoKittes, in December 2017 and carted about $17 million worth of ETH within two days.
In most cases, the attackers gain access to their targets’ funds by sending phishing emails or messages to users. Once a user opens the message or clicks on forwarded links, the exploiter will access the user’s credentials and other vital information for an attack.
Featured Image from Pixabay and chart from Tradingview.com