Critical mistakes that affect Litecoin, Zcash, Dogecoin and other networks: Research

14. März 2023, 22:03 Uhr

Aktualisiert: 14. März 2023, 22:19 Uhr

Von Krypto News Österreich

The blockchain security company Halinorn has discovered several critical and exploited weaknesses that affect more than 280 networks, including Litecoin (LTC) and ZCash (ZEC). This weak point with the code name "Rab13S" has endangered digital assets worth over $ 25 billion.

This was first discovered in the Dogecoin network a year ago, which was then remedied by the team behind the leading Memecoin.

51 % attacks and other problems

According to the official blog post, Holborn researchers discovered the most critical weak point in connection with peer-to-peer communication (P2P), which, if it is exploited, can help to create consensus messages and to send them to individual knots and to switch them off offline. Ultimately, such a threat can also suspend risks such as 51%attacks and other serious problems.

"An attacker can crawl the network peers with the Getaddr message and attack the unpaid knots."

The company identified another zero-day that is clearly related to Dogecoin, including an RPC (Remote Procedure Call) weak point in the remote code version that affected individual miners.

variants of these zero-days were also discovered in similar blockchain networks such as Litecoin and Zcash. Although not all errors can be used between the networks due to the differences in the code base, at least one of them could be used by attackers in any network.

In the case of susceptible networks, Salvanorn said that a successful use of the corresponding vulnerability could lead to denial of service or remote code version.

The security platform is of the opinion that the simplicity of these weaknesses of RAB13S increases the possibility of an attack.

In further studies, the researchers from Halbborn found a second weak point in the RPC services, which made it possible for an attacker to crash the node via RPC inquiries. However, successful use would require valid login information. This reduces the possibility that the entire network is at risk because some nodes implement the stop command.

A third vulnerability, on the other hand, has malicious entities in the context of the user, which carries out the node via the public interface (RPC). The likelihood of this exploit is also low, since even this requires a valid proof of authorization to carry out a successful attack.

bug-Exploits

In the meantime, an exploit kit for Rab13S has been developed, which contains a proof of concept with configurable parameters to demonstrate the attacks on various other networks.

Semorn has confirmed to share all the necessary technical details with the identified stakeholders in order to help them fix the errors and to release the relevant patches for the community and the miners.