Robert Steinadler, 3 months ago
Most cryptocurrencies are open-source software, and everybody is encouraged to develop them and search for vulnerabilities. Many cryptos rely on the work of volunteers who spend much of their time improving existing code or inventing solutions for problems that can be solved with blockchain technology. The motivation to dedicate time and resources can be very different. Some developers work because they believe in changing the world for the better. Others like to be recognized by their community, and some make a living by relying on bug bounties or grants.
What is Rab13s and how is it affecting hundreds of different networks?
Audits are a very common practice in software development. An external party takes a close look at the code and the quality with which it has been written. Such audits are especially important to DeFi applications since they manage in some cases billions of dollars. Needless to say, they need to emphasize the security of their protocols.
Other protocols need to be audited as well even though their security is often taken for granted because many improvements and fixes happen in the background. This includes cryptocurrencies such as Dogecoin, Litecoin, or Zcash.
Yesterday, blockchain security company Halborn published a blog post with shocking news. They audited Dogecoin and found several vulnerabilities. One of them was named Rab13s and, according to Halborn, over 280 blockchains are at risk.
Yes, cryptocurrencies are still perfectly safe. What Halborn discovered is a potential attack vector that allows an attacker to target single nodes and take them down. Two more vulnerabilities have been discovered but they are less severe since they require credentials and those are usually well protected.
What puts affected blockchains at risk is that an attacker could try to take down as many nodes as possible in the network and use that to mount a 51% attack. For some cryptos like Litecoin, this drastically reduces the likelihood of such an attack. A 51% attack on Litecoin would be super expensive, because it would require controlling more than half of the network's hash rate.
Rab13s is a problem for smaller networks but even in those cases, it would be a logistical nightmare. First, an attacker needs to take down as many nodes as possible, then he needs to buy as much hash rate as he can to attack the network. This requires not only coordination but also a substantial amount of money. The return on this investment is also questionable. Depending on how far he can take things before anyone notices the attack, he might even operate at a loss.
An attack does not always have to prove fruitful for the attacker. In some cases, individuals might act irrationally and burn valuable resources just to prove their point or annoy others. Another important mission is making cryptocurrencies as secure as possible.
While Rab13s might not pose an immediate risk for Litecoin or Zcash, it is still important to pay attention to Halborn's disclosure and fix the vulnerabilities.