Critical Bug Impacting Litecoin, ZCash, Dogecoin and Other Networks Identified: Research

Halborn said that it will not release further technical or exploit detail, citing the severity of the issues.

142 Total views

Blockchain security firm, Halborn has detected several critical and exploitable vulnerabilities impacting more than 280 networks, including Litecoin (LTC) and Zcash (ZEC). Code-named “Rab13s,” this vulnerability has put over $25 billion of digital assets at risk.

This was first detected in the Dogecoin network a year ago, which was then fixed by the team behind the premier memecoin.

51 Attacks and Other Issues

According to the official blog post, Holborn researchers discovered the most critical vulnerability related to peer-to-peer (p2p) communications which, if exploited, can help attackers craft consensus messages and send them to individual nodes and take them offline. Eventually, such a threat could also expose networks to risks such as 51 attacks and other severe issues.

“An attacker can crawl the network peers using getaddr message and attack the unpatched nodes.”

The firm identified another zero-day which was uniquely related to Dogecoin, including an RPC (Remote Procedure Call) Remote code execution vulnerability impacting individual miners.

Variants of these zero-days were also discovered in similar blockchain networks, such as Litecoin and Zcash. While not all the bugs are exploitable in nature due to the differences in codebase between the networks, at least one of them could be exploited by attackers on each network.