An evaluation of the Dogecoin open-source codebase for potential vulnerabilities that could compromise the security of the blockchain network uncovered numerous critical and exploitable vulnerabilities, which have been code-named “Rab13s.”
Further investigation by cybersecurity firm Halborn found that these vulnerabilities extended to over 280 additional networks, including Litecoin and Zcash, thereby placing more than $25 billion worth of digital assets in jeopardy.
Significant Vulnerabilities In Peer-to-Peer Communications Uncovered
Researchers discovered multiple vulnerabilities within the open-source code for blockchain networks such as Dogecoin, Litecoin and other networks with comparable codebases.
The most critical vulnerability pertains to peer-to-peer (P2P) communications, in which attackers can craft malicious consensus messages and transmit them to individual nodes, subsequently causing these nodes to go offline.
Potential Risks And Consequences
The simplicity of the Rab13s vulnerabilities heightens the likelihood of an attack.
If successfully exploited, these vulnerabilities could result in a denial of service or remote code execution, thereby exposing the network to substantial risks, such as 51% attacks and other severe complications.
Addressing And Mitigating Vulnerabilities
In the interest of responsible disclosure, Halborn has made a concerted effort to contact the networks affected by these vulnerabilities.
In its report, the cybersecurity firm advised projects using a UTXO-based node to upgrade all nodes to the most recent version (1.14.6).
Speaking with Benzinga, Halborn’s COO David Schwed said the swift response by Halborn and the affected blockchain projects demonstrates the importance of collaboration in the Web3 ecosystem.
“By working together to mitigate risks, the community can ensure a more secure and resilient future for digital assets,” he added.