Robert Steinadler, 3 months ago
Most cryptocurrencies are open-source software and everybody is encouraged to develop them and search for vulnerabilities. Many cryptos rely on the work of volunteers that spend much of their time improving existing code or inventing solutions for problems that can be solved with blockchain technology. The motivation to dedicate time and resources can be very different. Some developers work because they believe in changing the world for the better. Others like to be recognized by their community and some are making a living by relying on bug bounties or grants.
What is Rab13s and how is it affecting hundreds of different networks?
Audits are a very common practice in software development. Somebody external is taking a close look at the code and the quality that it has been written with. Such audits are especially important to DeFi applications since they manage in some cases billions of Dollars. Needless to say, they need to emphasize the security of their protocols.
Other protocols need to be audited as well even though their security is often taken for granted because many improvements and fixes happen in the background. This includes cryptocurrencies such as Dogecoin, Litecoin, or Zcash.
It was yesterday when blockchain security company Halborn published a blog post with shocking news. They audited Dogecoin and found several vulnerabilities. One of them was named Rab13s and according to Halborn, over 280 blockchains are at risk.
Yes, cryptocurrencies are still perfectly safe. What Halborn discovered is a potential attack vector that allows an attacker to target single nodes and take them down. Two more vulnerabilities have been discovered but they are less severe since they require credentials and those are usually well protected.
What’s putting affected blockchains at risk is that an attacker could try to take down as many nodes as possible in the network and use that to leverage a 51% attack. This reduces the likelihood of such an attack for some cryptos like Litecoin drastically. A 51% attack on Litecoin would be super expensive. It would require to outweigh the hash rate of the network by more than half.
Rab13s is a problem for smaller networks but even in those cases, it would be a logistical nightmare. First, an attacker needs to take down as many nodes as possible, then he needs to buy as much hash rate as he can to attack the network. This requires not only coordination but also a substantial amount of money. The return on this investment is also questionable. Depending on how far he can take things before anyone notices the attack, he might even operate at a loss.
It is not always important that an attack is proving fruitful to the attacker. In some cases, individuals might act irrationally and burn valuable resources just to prove their point or annoy others. Another important mission is making cryptocurrencies as secure as possible.
While Rab13s might not pose an immediate risk for Litecoin or Zcash, it is still important to pay attention to the disclosure of Halborn accordingly and fix the vulnerabilities.
May 16, 2023
Creating reliable backups of one’s hardware wallets is perhaps the most important thing. This is usually done by writing down a so-called seed phrase consisting of 24 words. Losing this recovery phase means losing access to the wallet if it is lost or physically damaged. A couple of methods are available to ensure the seed is kept safe. Some users go so far as to engrave them in steel plates to make them fire and waterproof.
May 16, 2023
Hardware wallets are the top-notch solution to keep cryptocurrencies and NFTs safe and sound. The devices are designed to provide a secure environment that is immune to remote access by any attacker. Therefore, most influencers, the broader media, and crypto communities recommend using a hardware wallet. Especially beginners are being told to use them to store their crypto. This is only sound advice given the fact that crypto worth billions of dollars got lost since the inception of Bitcoin.
Apr 20, 2023
Bitcoin transactions are not anonymous. Its blockchain is public and all transactions can be audited at any time. This is not a bug but a feature because only if every person in the world can audit every detail, then Bitcoin becomes a truly decentralized and secure digital form of money. This transparency also comes with a downside. Unlike a bank account, any company can watch the blockchain for activity and use the data for all kinds of purposes. One specific technology has been thought of several years ago to improve the situation.
Apr 19, 2023
Security is important when dealing with cryptocurrencies. All transactions are final and investors should always take into account that not everyone out there on the internet is being honest. Decentralized finance is especially vulnerable since many smart contracts are at work and one single line of buggy code can expose millions. This explains why so many exploits have happened in the past with so many different protocols throughout several blockchains. However, the most recent incident cannot be attributed easily.
Sign up to stay informed via our email updates