- Security company Halborn says it has found a package of vulnerabilities impacting 280 blockchains and worth $25 billion to hackers.
- Halborn found the Rab13s exploits while reviewing Dogecoin code
- Litecoin and Zcash have already patched their blockchains
Security company Halborn says it has found a package of vulnerabilities impacting 280 blockchains and worth $25 billion to hackers. The company says that it found the exploits while conducting a check of the Dogecoin blockchain, and soon realized that they are present in hundreds of others, including Zcash and Litecoin. It has calculated the total potential damage at $25 billion and has tried to contact developers of as many blockchains as it can to urge action.
🚨 Halborn discovered massive #ZeroDay impacting Dogecoin and 280+ networks including Litecoin and Zcash, putting over $25 Billion of digital assets at risk!
— Halborn (@HalbornSecurity) March 13, 2023
280 Blockhains Affected
Halborn CEO Rob Behnke posted about the flaws yesterday on the Halborn website, explaining that it found “several critical and exploitable vulnerabilities” in the Dogecoin code. After a “broader review,” Halborn surmised that the same vulnerabilities “affected over 280 other networks including Litecoin and Zcash,” and called the group of nasties ‘Rab13s’.
In the post, Behnke explained the most critical elements of Rab13s:
- A vulnerability found inside p2p messaging mechanisms can lead to the attacker sending crafted malicious consensus messages to individual nodes, causing each to shut down and eventually expose the network to risks like 51% attacks and other severe issues.
- Attackers can crash a node via RPC requests. However, successful exploitation requires valid credentials, which reduces the likelihood of the entire network being at risk and since some nodes implement the stop command.
- Attackers can execute code in the context of the user running the node through the public interface (RPC). However, the likelihood of this exploit is lower as it requires a valid credential to carry out the attack.
Exploit Prevention Kit Available
Behnke revealed that Halborn has “successfully developed an exploit kit for Rab13s that includes a proof of concept with configurable parameters in order to demonstrate the attacks on different networks.” Due to the sensitivity of the issue, the company naturally hasn’t sent out the remedy kit to every Tom, Dick and Harry that asks for it, saying that all the necessary technical information has been “shared with the identified stakeholders to help them remediate the bugs.”