Home → News → Security Flaws Found in 26 Low-End Cryptocurrencies → Full Text

Security Flaws Found in 26 Low-End Cryptocurrencies

By ZDNet

January 29, 2019

[article image]

Researchers at the University of Illinois at Urbana-Champaign have discovered two security flaws that impact 26 Proof of Stake (PoS) cryptocurrencies and could "allow a network attacker with a very small amount of stake to crash any of the network nodes running the corresponding software."

The researchers note  the vulnerabilities could enable an attacker to crash rival network nodes to gain a 51% majority for their own malicious servers and then control a currency's entire blockchain transactions, potentially leading to fraudulent operations and the theft of user funds.

Said the researchers in a blog post, "We call the vulnerabilities we found 'Fake Stake' attacks. Essentially, they work because PoSv3 implementations do not adequately validate network data before committing precious resources (disk and RAM). The consequence is that an attacker without much stake (in some cases none at all) can cause a victim node to crash by filling up its disk or RAM with bogus data."

From ZDNet
View Full Article


Abstracts Copyright © 2019 SmithBucklin, Washington, DC, USA


No entries found