Sign In

Communications of the ACM

ACM TechNews

Security Flaws Found in 26 Low-End Cryptocurrencies


A fuzzy view of cryptocurrencies.

Security researchers have uncovered flaws in 26 Proof of Stake cryptocurrencies that could "allow a network attacker with a very small amount of stake to crash any of the network nodes running the corresponding software."

Credit: ZDnet

Researchers at the University of Illinois at Urbana-Champaign have discovered two security flaws that impact 26 Proof of Stake (PoS) cryptocurrencies and could "allow a network attacker with a very small amount of stake to crash any of the network nodes running the corresponding software."

The researchers note  the vulnerabilities could enable an attacker to crash rival network nodes to gain a 51% majority for their own malicious servers and then control a currency's entire blockchain transactions, potentially leading to fraudulent operations and the theft of user funds.

Said the researchers in a blog post, "We call the vulnerabilities we found 'Fake Stake' attacks. Essentially, they work because PoSv3 implementations do not adequately validate network data before committing precious resources (disk and RAM). The consequence is that an attacker without much stake (in some cases none at all) can cause a victim node to crash by filling up its disk or RAM with bogus data."

From ZDNet
View Full Article

 

Abstracts Copyright © 2019 SmithBucklin, Washington, DC, USA


 

No entries found