Editor's note: This story has been updated to reflect the correction of a vulnerability in Dogecoin code.
An evaluation of the Dogecoin DOGE/USD open-source codebase for potential vulnerabilities that could compromise the security of the blockchain network uncovered numerous critical and exploitable vulnerabilities that were code-named "Rab13s"and have since been corrected.
Upon investigation by cybersecurity firmHalborn,these vulnerabilities extended to over 280 additional networks, including Litecoin LTC/USD and Zcash ZEC/USD , thereby placing more than $25 billion worth of digital assets in jeopardy.
Dogecoin Core developer PatrickLodder said the vulnerabilities were discovered by Halborn, who privately informed Dogecoin maintainers. Dogecoin's maintainers took swift action and resolved the issues in the code that was released with version 1.14.6.
The bug fixes were incorporated into the network code, hardening effort that was already underway, he said.
"Today, with over 50% of the network having upgraded, the risk to the network as a whole is believed to be mitigated, but individual nodes that have not yet upgraded can still be vulnerable and all node operators are recommended to upgrade at their earliest convenience," Lodder said on a Dogecoin development board.
Significant Vulnerabilities In Peer-to-Peer Communications Uncovered
Researchers discovered multiple vulnerabilities within the open-source code for blockchain networks such as Dogecoin, Litecoinand other networks with comparable codebases.
The most critical vulnerability pertainedto peer-to-peer (P2P) communications, in which attackers can craft malicious consensus messages and transmit them to individual nodes, subsequently causing these nodes to go offline.
Also Read:FTX Set To Reclaim $460M From Bahamas-Based Hedge Fund In Settlement
Potential Risks And Consequences
The simplicity of the Rab13s vulnerabilities heightens the likelihood of an attack.
If successfully exploited, these vulnerabilities could have resulted in a denial of service or remote code execution, thereby exposing the network to substantial risks, such as 51% attacks and other severe complications.
Addressing And Mitigating Vulnerabilities
In the interest of responsible disclosure, Halbornsaid it made a concerted effort to contact the networks affected by these vulnerabilities.
In its report, the cybersecurity firm advisedprojects using a UTXO-based node to upgrade all nodes to the most recent version (1.14.6).
Speaking with Benzinga,Halborn's COO David Schwedsaid the swift response by Halborn and the affected blockchain projects demonstrates the importance of collaboration in the Web3 ecosystem.
"By working together to mitigate risks, the community can ensure a more secure and resilient future for digital assets," he added.
Read Next:Crypto Crackdown: SEC Warns Exchanges They 'May Be Subject To Federal Securities Laws'