Report: Over 40 Bugs in Blockchain and Crypto Platforms Detected Over Past 30 Days

Published at: March 14, 2019

White hat hackers have detected over 40 bugs in blockchain and cryptocurrency platforms over the past 30 days, tech news outlet The Next Web (TNW) reported on March 14.

According to an investigation conducted by TNW, 13 blockchain- and cryptocurrency-related companies were hit with a total of 43 vulnerability reports from Feb. 13–March 13.

In the blockchain field, e-sports gambling platform Unikrn reportedly got the most vulnerability reports, amounting to 12 bugs. Unikrn is followed by OmiseGo developer, Omise, having received six bug reports. In third place is EOS, with five vulnerability reports.

Consensus algorithm and peer-to-peer (P2P) networking protocol Tendermint received four bugs. Tendermint is followed by decentralized prediction market protocol Augur and smart contracts platform Tezos, with three each. Anonymity-focused cryptocurrency Monero, ICON, and MyEtherWallet reportedly saw two vulnerability reports each.

Major American crypto exchange Coinbase and the developer of blockchain browser Brave, Brave Software, reportedly received one vulnerability report each.

The hackers received a total of $23,675 dollars for their efforts, of which Tendermint contributed the most at $8,500. EOS gave $5,500 in rewards, while Unikrn awarded $1,375. TNW says that the low bounty amount suggests that the bugs were not critical.

In contrast, tens of thousands of dollars in bounties were handed out by EOS to white hat hackers who found critical vulnerabilities in its platform.

This week, major hardware wallets manufacturer Ledger unveiled vulnerabilities in its direct competitor Trezor’s devices. Among other issues, the Trezor device could purportedly be imitated by backdooring the device with malware and then re-sealing it in its box by faking a tamper-proof sticker, which is reportedly easy to remove.

Trezor subsequently responded to the claims, stating that none of the weaknesses revealed by Ledger are critical for hardware wallets. According to Trezor, none of them can be exploited remotely, as the attacks described require “physical access to the device, specialized equipment, time, and technical expertise.”

Tags

Blockchain

Cryptocurrencies

Hackers

Coinbase

Security

Monero

Eos

Tezos

Related Posts

White Hat Hackers Earn $32,000 for Finding Crypto Security Exploits in Last Two Months

White hat hackers have earned $32,000 in bounties over the last two months by reporting security holes in crypto and blockchain projects, according to a report by Hard Fork on May 20. This lump sum of over $30,000 was distributed by 15 firms from March 28 to May 16 and documented in 30 public bug reports, per the article. The rewards for a single discovery can differ depending on how damaging the exploit is. Hardfork noted that most of the bounties awarded by blockchain-driven firm OmiseGo were around $100; EOS company Block.one and the blockchain startup Aeternity, however, issued $10,000 …

Blockchain / May 20, 2019

White Hat Hackers Earned $878,000 from Crypto Bug Bounties in 2018, Data Shows

White hat hackers have been awarded $878,000 in bug bounties this year, technology news website TheNextWeb reports on Dec. 30. Bug bounties are a type of competition in which companies that develop software invite hackers to break their software and responsibly disclose the vulnerabilities, so they are able to fix them before they are exploited. According to TheNextWeb, hackers earned $534,500 on HackerOne, a bug bounty platform connecting companies with hackers just from Block.one, the company which stands behind EOS. In fact, Block.one is reportedly responsible for 60 percent of all the bounties handed in this year. Major cryptocurrency exchange …

Blockchain / Dec. 30, 2018

Report: Blockchain-related hacks have declined in 2020

The amount of cryptocurrency and blockchain-related hacks has been decreasing over the course of 2020, a new report claims. According to data analyzed by VPN provider Atlas VPN, the number of hacks in the first half of 2020 dropped more than three times compared to the same period in 2019. The data is part of a report released by Atlas VPN on Oct. 28. According to Atlas VPN, 2019 was a record-breaking year for blockchain hackers that exploited 94 successful attacks in the first half of the year, while in H1 2020 there were 31. Per the report, 2019 as …

Technology / Nov. 2, 2020

Eos Developer Block.one Announces Blockchain-Based Social Media Platform Voice

Eos (EOS) parent company Block.one has announced a blockchain-based social media platform called Voice, according to a press release shared with Cointelegraph on June 1. The firm claims that the platform will use the Eos blockchain to provide transparency on how it operates, without hidden algorithms or content-pushing mechanisms of which the user is unaware. In the press release, the CEO of Block.one, Brendan Blumer, compared Voice with traditional social media platforms, saying: “The truth is, current social media platforms are designed to use their users. Just look at the business model. Our content. Our data. Our attention. These are …

Blockchain / June 1, 2019

Five Critical Vulnerabilities Discovered in EOS in 2019, HackerOne Data Shows

EOS.io, the company responsible for the development of fourth-largest crypto by market cap EOS, has handed over bug bounties for five critical vulnerabilities this year. Public activity on breach disclosure platform HackerOne revealed the bounties. On Jan. 10, $40,750 was awarded to five white hat hackers on the platform by EOS.io, and the day after, another researcher received a $10,000 bounty. Five of those bounties are equivalent to $10,000 each, which is the highest possible payout reserved by the company only for the most critical vulnerabilities. The Tron Foundation, the company behind the cryptocurrency Tron, also awarded four bounties in …

Altcoin / Feb. 5, 2019