Many proponents of blockchain and crypto were hoping for 2019 to be the year for a “bug-less” cryptoverse. Unfortunately however, that isn’t turning out as everyone hoped it would, as only three months into 2019 and over 40 bugs have been detected in blockchain and crypto related platforms.
According to a report by the tech news outlet The Next Web (TNW), white hat hackers have managed to detect over 40 bugs in various blockchain and crypto platforms over the past 30 days.The report published on 14th March, revealed that according to an investigation carried out by TNW, as much as 13 blockchain, as well as crypto related companies were the target of 43 vulnerability reports between Feb. 13 and March 13.
In the blockchain sphere, Unikrn, which is an e-sports gambling platform, reportedly took the prize for the most vulnerability reports, amounting to a total of 12 bugs. OmiseGo developer followed in on a close second, having received only six bug reports, only half of Unikrn. In the third place, we have EOS with only five vulnerability reports.
Tendermint, the consensus algorithm and a peer-to-peer (P2P) networking protocol, received four bugs. Right behind Tendermint, is the decentralized prediction market protocol Augur, which received three bugs. Augur is joined by the smart contracts platform Tezos, which too received three bugs.
Even the anonymity driven cryptocurrency Monero couldn’t manage to stay bug free and reportedly saw two vulnerability reports. In addition, ICON and MyEtherWallet also witnessed two vulnerability reports.
Furthermore, the major American crypto exchange, Coinbase received one vulnerability report. Brave, the developer of blockchain browser joined Coinbase, as the Brave software received one vulnerability report as well.
The white hat hackers were handsomely awarded a total of $23,675 for their efforts, in which Tendermint contributed a total of $8,500, making it the biggest contributor. EOS gave out $5,500 in rewards, where as Unikrn awarded $1,376. According to TNW, the low amounts of bounties imply that the uncovered bugs were not as critical.
On the other hand, reportedly tens of thousands of dollars in bounties were handed out by EOS to white hat hackers who found critical vulnerabilities in its platform.
Moreover, only this week the major hardware wallets manufacturer, Ledger revealed the vulnerabilities in one of its major competitor’s devices, i.e. Tezor. Apparently the Tezor device could potentially be imitated by backdooring the device with malware and then re-sealing it in its box by faking a tamper-proof sticker, which is reportedly easy to remove.
Tezor didn’t deny the vulnerability, however it did respond claiming that none of the weaknesses revealed by Ledger are critical for hardware wallets; explaining that in order even remotely exploit the device, physical access to the device, specialized equipment, time, and technical expertise are required.
For further updates stay tuned to BlockPublisher.