Over 280 blockchain networks have a "zero-day" vulnerability that puts over $25 billion worth of crypto funds at the mercy of hackers.
According to a report published by Halborn, a blockchain security firm, on March 13th, more than 280 blockchains can face a "zero-day" exploit.
The report revealed that Dogecoin, Litecoin, and Zcash had already patched the security loophole. However, other blockchains are still prone to this issue.
Did you know?
Subscribe - We publish new crypto explainer videos every week!
How to Pick the Right DeFi dApp? (Dos and Don’ts Explained)
Halborn stated that it was contracted to evaluate the Dogecoin codebase in March 2022 for any security vulnerabilities. Its analysis revealed several “critical and exploitable vulnerabilities.”
The company found that the same vulnerabilities were present in more than 280 blockchain networks, which put over $25 billion worth of crypto at risk. Halborn code-named the vulnerability Rab13s.
According to Halborn, hackers could craft consensus messages by taking out individual nodes. On top of that, attackers could crawl nodes via a Getaddr message to attack all unpatched nodes.
The company said that, while some of the vulnerabilities were known from the Bitcoin codebase, one was unique to Dogecoin. The network had "RPC vulnerability impacting individual miners."
Halborn explained that by exploiting the Rab13s vulnerabilities to shut down network nodes, malicious actors would increase the risk of severe issues, such as a 51% attack.
They said they had reached out to the affected networks:
A good faith effort has been made to contact the affected networks for responsible disclosure. However, all affected networks are encouraged to contact Halborn on [email protected].
At the end of its blog post, Halborn offered networks to upgrade all its UTXO-based nodes to the latest version. However, the blockchain security firm noted that due to the "severity of the issue, Halborn will not release the technical details or exploit details at this time."