In line with a recent report by native news source ‘The Next Web‘ [TNW], white hat hackers have identified over more than 40 bugs related to ‘blockchain‘ and cryptocurrency platforms over the past thirty days.
As per the investigation by TNW, around 13 blockchain and cryptocurrency related firms were hit with a total of 43 vulnerability reports from 13th Feb. to 13th March.
Within the blockchain field, e-sports gambling platform named ‘Unikrn’ reportedly got the foremost vulnerability reports, amounting to twelve bugs. Unikrn is followed by OmiseGo developer, Omise, having received around 6 bug reports. In third place is Eos [EOS], with 5 vulnerability reports.
Consensus algorithm and P2P [Peer-to-Peer] networking protocol named ‘Tendermint’ received four bugs. Tendermint is followed by decentralised prediction market protocol Augur and smart contracts platform Tezos, with 3 each. Privacy-focused ‘cryptocurrency‘ Monero, ICON, and MyEtherWallet reportedly saw two each vulnerability reports.
Leading American cryptocurrency exchange named ‘Coinbase’ and the developer of blockchain browser Brave, Brave software, reportedly received one vulnerability report each.
The hackers moreover received a total of $23,675 USD for their efforts, of that Tendermint contributed the foremost at $8,500 USD. Eos [EOS] gave $5,500 USD in rewards, while Unikrn awarded $1,375 USD. TNW added that the low bounty reward suggests that the bugs weren’t critical.
Just last week, leading hardware wallets manufacturer Ledger ‘revealed‘ vulnerabilities in its direct competitor Trezor’s devices. Among other problems, the Trezor device might supposedly be imitated by backdooring the device with ‘malware‘ and thereby re-sealing it in its box by faking a tamper-proof sticker, that is reportedly very simple to alter.
Trezor ‘responded‘ to the claims and announced that none of the vulnerabilities revealed by Ledger are critical for hardware ‘wallets‘. In line with Trezor, none of them could be exploited remotely, as the attacks mentioned require “physical access to the device, specialised equipments, time, and technical experience.”