- The co-founder of Bitcoin sidechain Sequentia said hacked Dogecoin validators
- He reportedly crippled more than half of the validator nodes on the network
- Dogecoin had a vulnerability that allowed unauthorized access to the nodes
Andreas Kohl, the co-founder of Bitcoin sidechain Sequentia, has revealed that he hacked and crippled validator nodes on the Dogecoin network. Kohl said that he used an old computer to infiltrate the network through a vulnerability that Tobias Ruck had discovered. Although Kohl said that he brought down 69% of the validators on the network, on-chain data shows that the percentage of compromised nodes has reduced to slightly over 50% dropping from 647 nodes to 315 nodes before and after the hack, respectively.
CEXs and Major Custodians Not Affected
In an X post, Kohl said that he hacked the network from a rural place in El Salvador, but added that the hack affected “nodes that weren’t on the latest version […] which was the majority of the network.”
I used a publicly disclosed (by @TobiasRuck) vulnerability to take down 69% of the Dogecoin network from an old thinkpad in rural el salvador. AMA. https://t.co/BNkGDWkWhu pic.twitter.com/qk16AwMaq5
— Andreas Kohl (@aejkohl) December 12, 2024
According to the Sequentia co-founder, the incident din’t affect the network’s token, DOGE, on centralized exchanges and other “major custodians” explaining why most DOGE holders didn’t notice the outage.
Last week, Department Of DOGE Efficiency, through its X account, re-disclosed a critical vulnerability in Dogecoin. It called the weakness “DogeReaper” saying that it allows “anyone to crash any Dogecoin node remotely.”
Public Re-Disclosure of “DogeReaper”, a critical vulnerability in Dogecoin
DogeReaper is a critical vulnerability on Dogecoin, allowing anyone to crash any Dogecoin node remotely. We are re-disclosing this vulnerability without links to make the X algo happy. pic.twitter.com/cbl3rOG2PD
— Department Of DOGE Efficiency (@EfficiencyDOGE) December 6, 2024
Kohl Didn’t Disclose the Reason
The X account said that a malicious entity could use the vulnerability to bring down the entire Dogecoin network, which would take days to bring it back up. Such an incident would halt transaction confirmation and block production on the network.
Kohl didn’t, however, disclose why he chose to crash the nodes. Malicious actors have been compromising various platforms to steal crypto. In September, for example, North Korean hackers exploited a Google Chrome vulnerability and stole an undisclosed crypto amount.
With Kohl successfully hacking Dogecoin’s validator network, it’s to be seen whether the project will patch the weakness or ask node operators to update their nodes to the latest version.
