Unpatched Ethereum clients could pose risk of 51% attack, says report
May 20, 2019 | Malware and Vulnerabilities
- A significant number of unpatched nodes were found in popular clients such as Parity-Ethereum and Geth.
- Attackers could leverage these vulnerable nodes to carry out 51 percent attacks.
Ethereum may be the second most popular choice among blockchain users, but research has uncovered serious security vulnerabilities across the platform. According to a blog post published by Security Research Labs, the vulnerabilities in the Ethereum ecosystem were mainly due to unpatched nodes in the network. These nodes ran popular clients such as Parity-Ethereum and Geth.
Key Findings
- According to the blog, a third of Parity-Ethereum nodes were left unpatched even after a critical security patch was released a month ago. It was found that around 40 percent of all scanned Parity-Ethereum nodes were vulnerable.
- Furthermore, seven percent of active Parity-Ethereum nodes were not patched for nine months.
- It was discovered that the unpatched nodes could be remotely crashed. Nodes running versions prior to 2.2.10 were susceptible.
- The other software client, Geth, had around 44 percent vulnerable nodes, which were running a version prior to v1.8.20.
Missing ‘Patch Hygiene’
Security Research Labs suggested that most Ethereum users did not regularly patch their client software.
“The lack of patch hygiene among Ethereum users suggests that more serious vulnerabilities might also survive for days, weeks, or months among a significant number of Ethereum users, putting their own security and the integrity of the Ethereum ecosystem at risk. The consequences of the patch gap would be most severe if a remote code execution were found in a popular client software,” indicated the blog.
Unpatched Ethereum clients can be exploited by attackers in great numbers to carry out 51 percent attacks, where they can abuse computational power to conduct illicit double-spending. Therefore, blockchain users are advised to patch their software clients as soon as critical updates are available.
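For operators who want to check their own nodes against the version thresholds named in the key findings, the following is an added example, not code from Security Research Labs or from the article. It assumes each node's version string has the slash-separated form that clients report via `web3_clientVersion`; the inventory and host names are constructed.

```python
import re

# Minimum patched versions, taken from the article's key findings.
MIN_PATCHED = {"parity-ethereum": (2, 2, 10), "geth": (1, 8, 20)}

# "<client>/<optional segments>/vX.Y.Z..." (assumed version-string layout).
VERSION_RE = re.compile(r"^(?P<client>[^/]+)/(?:[^/]*/)*?v(?P<ver>\d+\.\d+\.\d+)")


def parse_client_version(raw):
    """Return (client_name, (major, minor, patch)) or None if unparseable."""
    m = VERSION_RE.match(raw.strip())
    if not m:
        return None
    return m["client"].lower(), tuple(int(p) for p in m["ver"].split("."))


def classify(raw):
    """Return 'patched', 'unpatched' or 'unknown' for one version string."""
    parsed = parse_client_version(raw)
    if parsed is None or parsed[0] not in MIN_PATCHED:
        return "unknown"
    client, ver = parsed
    # Tuple comparison is numeric per component, so 2.2.9 < 2.2.10
    # (a plain string comparison would get this wrong).
    return "patched" if ver >= MIN_PATCHED[client] else "unpatched"


def audit(inventory):
    """Return ({host: status}, unpatched share among recognised clients)."""
    results = {host: classify(raw) for host, raw in inventory.items()}
    known = [s for s in results.values() if s != "unknown"]
    share = known.count("unpatched") / len(known) if known else 0.0
    return results, share


# Constructed sample inventory: host name -> reported client version string.
SAMPLE = {
    "node-a": "Geth/v1.8.17-stable/linux-amd64/go1.11.1",
    "node-b": "Geth/v1.8.20-stable/linux-amd64/go1.11.2",
    "node-c": "Parity-Ethereum//v2.2.9-stable/x86_64-linux-gnu/rustc1.31.1",
    "node-d": "Parity-Ethereum//v2.2.10-stable/x86_64-linux-gnu/rustc1.32.0",
    "node-e": "otherclient/v1.0.0/linux",  # client not covered by the article
    "node-f": "not a version string",
}

if __name__ == "__main__":
    statuses, unpatched_share = audit(SAMPLE)
    for host, status in sorted(statuses.items()):
        print(f"{host}: {status}")
    print(f"unpatched share of recognised clients: {unpatched_share:.0%}")
```
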