Cryptocurrency
by Jacob Brown on March 20th, 2019

White hat hackers detected 43 vulnerabilities in crypto platforms

Hacking is one of the biggest problems in the crypto industry today. According to Cyphertrace, about $927 million was stolen from multiple cryptocurrency exchanges in 2018. However, the report was made a long time before the year was finished, hence, it is believed that about $1 billion was lost thanks to hackers.  To ensure that the numbers are much smaller in 2019 many cryptocurrency exchanges are checking the reliability of their platform time after time. The best and most efficient way to determine if the crypto platform’s blockchain code is in any way vulnerable against major hacks is to try to hack it.

Various crypto development teams hired a group of professional white hat hackers to scour the open-source code to find out the vulnerabilities in multiple crypto platforms. The hackers were given a meager sum of $23.675 to detect the weak point in the coding and found out multiple vulnerabilities over a period of one month until March 13.

The details of the vulnerabilities and errors in coding have not been disclosed to the general public, but it was stated that several errors applied to the leaders of the crypto industry. However, the general consensus was that the majority of the errors were not significant and could be corrected in a short time before it would bring real harm.

Out of multiple errors, 43 bugs were of a critical nature

According to EOS, which is one of the largest platforms for creating decentralized applications in the world, five problem areas were detected. Out of five, four having to do with so-called “a buffer overflow problem.” The related code could have provided hackers a loophole to inject malicious code. As EOS announced, its team has already addressed these bugs.

The work performed by the white hat hackers started on February 13 and finished on March 13. The results of this work were reported to Hacker one, a vulnerability disclosure platform. Based on the report analysts assumed that the majority of the problems were not serious, however, the group of hackers suggested that 43 bugs had a critical nature. While these problems were found in less known platforms, some of the world’s largest cryptocurrency networks also happen to be in the list including Coinbase, Brave, EOS, Monero, and Tezos.

  • Coinbase – the largest U.S crypto exchange, Crypto.com, Electroneum, and Brave software each had one vulnerability in their codes.
  • Monero (XMR) Which is one of the favorite cryptocurrency platforms, ICON (ICX), and MyEtherWallet had two bugs.
  • Augur (REP) Which is a decentralized prediction markets platform had at least three errors.
  • Tezos, a “self-amending” crypto, and Blockchain network for deploying decentralized apps also had three vulnerabilities to amend.
  • Tendermint, a peer-to-peer networking protocol had four bugs.
  • EOS itself had five vulnerabilities in its platform coding database.
  • Omise, the developer of OmiseGO (OMG) platform had six errors.
  • The most errors out of the platforms that were tasted by the white hat hackers were found in the code of Unikrn, which is an e-sports gambling platform. There were up to 12 bugs detected in its code.

Such audits are slowly becoming a standard protocol in the crypto industry. As the nature of cryptocurrencies and Blockchain industry requires the need for strong protection and eliminating these kinds of vulnerabilities. It is an important matter that is sometimes addressed by governmental bodies themselves. For example, last year the Korean government held an inspection and determined that most of the largest cryptocurrency exchanges had serious security flaws. However, it is important that results will not be used by the competitors to discredit the platforms and companies that have such flaws.

By Jacob Brown

More content by Jacob Brown

Comments (0 comment(s))