loader gif

Tendermint Says Last Month’s Cosmos Vulnerability Exposed Security Loophole

Tendermint Says Last Month’s Cosmos Vulnerability Exposed Security Loophole (Malware and Vulnerabilities)

Tendermint, the firm behind the core technology of Cosmos, has released a full disclosure about a past vulnerability in the Cosmos SDK. The developers behind the Cosmos network released today a full disclosure of last month’s “critical security vulnerability” which reportedly enabled hackers to bypass certain penalties for misbehavior on the network. Jessy Irwin, Tendermint’s head of security, said in interview with CoinDesk that while the vulnerability disclosed today is the first of its kind to impact the Cosmos main network, “it’s not the first bug that has been reported to us.” The vulnerability, now fully patched on the Cosmos network, did require Cosmos validators to execute an emergency hard fork or system-wide upgrade. Irwin highlighted that in order for this hard fork to execute successfully without resulting in a network split, urgent notice need to be pushed to all Cosmos validators and other service providers who were running Cosmos software on their computers.

loader gif