Halborn, a cybersecurity company, has discovered a flaw exposing more than 280 blockchains to a so-called 51% attack. We take a look at this flaw, against which many players have already taken action.
Vulnerability exposes many blockchains to 51% attack
As part of a security audit initially conducted in March 2022 by Halborn on Dogecoin’s open source code (DOGE), the company discovered several vulnerabilities common to other networks. And with good reason, it was determined after extensive research that more than 280 blockchains were affected, and that for one of the most critical of these flaws, its exploitation could theoretically facilitate a 51% attack.
Such an attack would, if successful, allow the targeted network to be taken over. The flaw, called RAB13, would allow malicious messages to be sent to nodes in a network, bringing them to a halt. The attack is then facilitated by the fact that it would become easier to control 51% of the network, as Halborn explained in a Twitter thread:
Secondly, attackers can execute code through the public interface (RPC) as a normal node user. Since a valid credential is required to carry out the attack, the likelihood of this exploit is lower.
– Halborn (@HalbornSecurity) March 13, 2023
An update to address the problem
After this discovery, Halborn’s teams tried to contact the different entities behind each blockchain concerned. In total, $25 billion in capitalization was considered “at risk,” and this included networks such as Litecoin (LTC) and Zcash (ZEC). The latter two having already announced that they have taken action.
This issue only affects blockchains with a consensus using a proof-of-work (PoW) model. Specifically, Halborn states that this applies to “UTXO-based nodes”, and that the latest software update should be performed to close the loopholes.
Since they have never been discovered or exploited, all of the vulnerabilities discussed are referred to as “Zero Day” flaws:
” Subsequently, variants of these zero-days were also discovered in similar blockchain networks, including Litecoin and Zcash. […] On vulnerable networks, successful exploitation of the relevant vulnerability could result in a denial of service (DDoS) or remote code execution. “
No serious consequences have been reported as a result of these findings. Nevertheless, all those involved in this common code base are encouraged to make the necessary updates, and to contact the Halborn teams if necessary.
