Blockchain security firm, Halborn has detected several critical and exploitable vulnerabilities impacting more than 280 networks, including Litecoin (LTC) and Zcash (ZEC). Code-named “Rab13s,” this vulnerability has put over $25 billion of digital assets at risk.
This was first detected in the Dogecoin network a year ago, which was then fixed by the team behind the premier memecoin.
51% Attacks and Other Issues
According to the official blog post, Holborn researchers discovered the most critical vulnerability related to peer-to-peer (p2p) communications which, if exploited, can help attackers craft consensus messages and send them to individual nodes and take them offline. Eventually, such a threat could also expose networks to risks such as 51% attacks and other severe issues.
“An attacker can crawl the network peers using getaddr message and attack the unpatched nodes.”
The firm identified another zero-day which was uniquely related to Dogecoin, including an RPC (Remote Procedure Call) Remote code execution vulnerability impacting individual miners.
Variants of these zero-days were also discovered in similar blockchain networks, such as Litecoin and Zcash. While not all the bugs are exploitable in nature due to the differences in codebase between the networks, at least one of them could be exploited by attackers on each network.
In the case of vulnerable networks, Halborn said that successful exploitation of the relevant vulnerability could lead to denial of service or remote code execution.
The security platform believes that the simplicity of these Rab13s vulnerabilities increases the possibility of attack.
Upon further investigation, Halborn researchers found a second vulnerability in the RPC services that enabled an attacker to crash the node via RPC requests. But successful exploitation would require valid credentials. This reduces the possibility of the entire network being at risk because some nodes implement the stop command.
A third vulnerability, on the other hand, lets malicious entities execute code in the context of the user running the node through the public interface (RPC). The likelihood of this exploit is also low since even this requires a valid credential to carry out a successful attack.
Meanwhile, an exploit kit for Rab13s has been developed that includes a proof of concept with configurable parameters to demonstrate the attacks on various other networks.
Halborn has confirmed sharing all the necessary technical details with the identified stakeholders to help them remediate the bugs, as well as to release the relevant patches for the community and miners.