Researchers have discovered multiple vulnerabilities in Ethereum cryptocurrency this month that when exploited by attackers can have devastating consequences.
These flaws can let attackers tamper with “smart contracts,” a mechanism that powers cryptocurrency transactions, much like real-world contracts.
The flaws include:
Researchers from the CyberNews.com Investigations team who disclosed these vulnerabilities stated they analyzed Ethereum blocks spanning a six-month period.
“We scanned 6 months’ worth of blocks from Ethereum’s blockchain and found that 3,779 contracts have 13 different types of vulnerabilities, including 4 high-severity vulnerabilities,” state the researchers in a report.
The researchers have estimated the value of vulnerable smart contracts at almost $1 billion.
” The total value of these vulnerable smart contracts is 2,088 ETH, which equals $964,172.”
For users relying on online Etherum ledgers and services, smart contracts can be reviewed using blockchain explorers like Etherscan.
Doing so can provide insights into whether smart contracts have been audited and verified.
“If the smart contract has not been audited or verified, we’d recommend avoiding that particular platform or online service,” state the researchers.
The news follows a 2016 incident surrounding a weakness in Ethereum smart contracts which had led to $50 million in losses.
Despite their claims of providing anonymity and freedom from centralized government-regulated currencies, cryptocurrency systems are not without their flaws and can be seized just as easily by the governments.
Telecommunication, media, internet service providers (ISPs), information technology (IT)-service providers, and Kurdish websites in the…
Rogue WordPress Plugin Found to Steal Credit Card Information in Magecart Campaign Threat hunters have…
The Assembly of the Republic of Albania and telecom company One Albania have recently fallen…
The banking malware Carbanak has resurfaced with updated tactics, incorporating attack vendors and techniques to…
One of the world's largest theme park operators, Parques Reunidos has disclosed a cybersecurity incident.…
Phishing kit used by multiple hacked sites generates a log in page on the fly…
This website uses cookies.