Halborn specialists detected a critical vulnerability in the Dogecoin code. They said that a similar issue affected several other networks.
1/ In March 2022, Halborn started to evaluate #dogecoin under a contract and found several vulnerabilities which were fixed by the Dogecoin team.
— Halborn (@HalbornSecurity) March 13, 2023
Experts noted that during the contract work that began in March 2022 they detected several bugs in Dogecoin. All the bugs were promptly fixed by the developers.
However, for security reasons, Halborn specialists did not publish details.
They noted that similar vulnerabilities affected more than 280 networks with a total market capitalization of $25 billion, including Litecoin and ZCash.
The Litecoin team closed the vulnerability found by Halborn. Network participants were advised to update the Litecoin Core client to version 0.21.2.2.
.@HalbornSecurity notified us of a security vulnerability discovered in many crypto clients, including Litecoin Core.
This was promptly fixed in Litecoin Core 0.21.2.2. Read more below…
If you haven’t yet upgraded to 0.21.2.2, we’d recommend upgrading upgrade ASAP! https://t.co/bFI7vZrfp4
— Loshan (@loshan1212) March 13, 2023
The most critical flaw was related to the “zero-day” vulnerability. The exploit allowed an attacker to remotely execute code on a mining node or carry out a DоS-attack.
4/ Another zero-day identified by Halborn was uniquely related to #Dogecoin, including an RPC vulnerability impacting individual miners.
Subsequently, variants of these 0-days were also discovered in similar blockchain networks potentially leading to DoS or RCE attacks.
— Halborn (@HalbornSecurity) March 13, 2023
“Experts noted that efforts were made to contact the affected networks for responsible disclosure.”
Earlier, the OpenSea NFT marketplace developers patched the critical vulnerability detected by Imperva.