Researchers have discovered multiple vulnerabilities in the Ethereum cryptocurrency this month that, when exploited by attackers, can have devastating consequences.
These flaws can let attackers tamper with “smart contracts,” a mechanism that powers cryptocurrency transactions, much like real-world contracts.
The flaws include:
Researchers from the CyberNews.com Investigations team who disclosed these vulnerabilities stated they analyzed Ethereum blocks spanning a six-month period.
“We scanned 6 months’ worth of blocks from Ethereum’s blockchain and found that 3,779 contracts have 13 different types of vulnerabilities, including 4 high-severity vulnerabilities,” state the researchers in a report.
The researchers have estimated the value of vulnerable smart contracts at almost $1 billion.
“The total value of these vulnerable smart contracts is 2,088 ETH, which equals $964,172.”
For users relying on online Ethereum ledgers and services, smart contracts can be reviewed using blockchain explorers like Etherscan.
Doing so can provide insights into whether smart contracts have been audited and verified.
“If the smart contract has not been audited or verified, we’d recommend avoiding that particular platform or online service,” state the researchers.
The news follows a 2016 incident involving a weakness in Ethereum smart contracts that led to $50 million in losses.
Despite their claims of providing anonymity and freedom from centralized, government-regulated currencies, cryptocurrency systems are not without their flaws and can be seized just as easily by governments.