White hat hackers have detected over 40 bugs in blockchain and cryptocurrency platforms over the previous 30 days, tech information outlet The Subsequent Internet (TNW) reported on March 14.
In line with an investigation carried out by TNW, 13 blockchain- and cryptocurrency-related firms have been hit with a complete of 43 vulnerability stories from Feb. 13–March 13.
Within the blockchain subject, e-sports playing platform Unikrn reportedly acquired probably the most vulnerability stories, amounting to 12 bugs. Unikrn is adopted by OmiseGo developer, Omise, having obtained six bug stories. In third place is EOS, with 5 vulnerability stories.
Consensus algorithm and peer-to-peer (P2P) networking protocol Tendermint obtained 4 bugs. Tendermint is adopted by decentralized prediction market protocol Augur and sensible contracts platform Tezos, with three every. Anonymity-focused cryptocurrency Monero, ICON, and MyEtherWallet reportedly noticed two vulnerability stories every.
Main American crypto change Coinbase and the developer of blockchain browser Courageous, Courageous Software program, reportedly obtained one vulnerability report every.
The hackers obtained a complete of $23,675 dollars for his or her efforts, of which Tendermint contributed probably the most at $eight,500. EOS gave $5,500 in rewards, whereas Unikrn awarded $1,375. TNW says that the low bounty quantity means that the bugs weren’t crucial.
In distinction, tens of 1000’s of dollars in bounties have been handed out by EOS to white hat hackers who discovered crucial vulnerabilities in its platform.
This week, main hardware wallets producer Ledger unveiled vulnerabilities in its direct competitor Trezor’s units. Amongst different points, the Trezor machine might purportedly be imitated by backdooring the machine with malware after which re-sealing it in its field by faking a tamper-proof sticker, which is reportedly straightforward to take away.
Trezor subsequently responded to the claims, stating that not one of the weaknesses revealed by Ledger are crucial for hardware wallets. In line with Trezor, none of them might be exploited remotely, because the assaults described require “bodily entry to the machine, specialised tools, time, and technical experience.”