Leaderless DAO Put to the Test Following Ethereum Vulnerability
A vulnerability in the way some developers are implementing Ethereum has resulted in a last-minute fix to The DAO, a distributed autonomous organization with over $150m at its disposal to invest in Ethereum-based projects. Without a leader or any formal security team to identify and fix potential security threats, that responsibility falls to an open-source community comprised of members who bought voting rights in the organization with ether as part of its creation phase. While the identities of some of those involved are still unclear, the method by which the vulnerability was identified....
Related News
The number of options available to the ethereum development community as it searches for a way to recover investor funds lost when The DAO was compromised is dwindling with news that a vulnerability in one of the more prominent solutions has been discovered. As it turns out, a soft fork that would have sought to blacklist the ether address that holds the confiscated funds, preventing it from conducting any transactions, actually exposes a previously undetected attack vector. In a post on the Ethereum Foundation blog, developer Felix Lange explains that the exploit would slow down mining....
Albeit Bitcoin and Ethereum wallets have only recently started appearing on the iOS App Store; cryptocurrency users will need to be extra vigilant. A new hack allows attackers to switch legitimate applications with malicious versions. This also means we may very well see fake bitcoin and Ethereum wallet releases in the future. It has to be said, however, this attack requires the assailant to have physical access to the device in question. To a lot of people, this may apparently mitigate the attack vector, but do not be fooled into thinking the threat is over all of a sudden. The....
A hacker has made off with $2 million in bug bounty after finding an alarming vulnerability with the Ethereum network. This bug could have been very bad if it had been found by black hat hackers who could have exploited the digital asset for billions of dollars worth of ETH. Instead, a ‘grey hat’ hacker popularly known as Saurik informed the Ethereum team of the vulnerability, netting himself a sizable reward in return. Finding The Vulnerability On Ethereum Hacker Saurik had found the vulnerability on Optimism, an Ethereum layer 2 rollup solution. The hacker himself published a report as....
The Ethereum network is facing a chain split after an exploit forced over 50% of its nodes to upgrade their client to prevent further attacks. This security vulnerability was detected, reported, and fixed by Go Ethereum, developers of the affected client, Geth. On August 24th, 2021, via their official Twitter handle, Go Ethereum and its […]
During security testing a vulnerability was exposed on the Authy app, a two-factor authentication tool. Less than 0.2% of Authy users were affected. An outside security research team discovered the vulnerability which affects users who changed the phone number on Authy accounts since February 2014. The users affected were no longer able to access their original phone and so thus had to prove phone ownership. This process included government issued ID’s. Authy immediately moved to patch the vulnerability and has no evidence the vulnerability was exploited by nefarious characters. Authy sent....