Pentagon Report Outlines Blockchain Vulnerabilities

Share post:

A Pentagon-commissioned report has revealed some hard security truths about the blockchain, including the position that the blockchain is not decentralized, highly vulnerable to attack, and run on outdated software.

The Pentagon’s research arm, Defense Advanced Research Projects Agency (DARPA), hired Trail of Bits, a security research organization, to study the blockchain.

Trail of Bits focused on Bitcoin and Ethereum and discovered that it only takes four entities to disrupt Bitcoin and only two to disrupt Ethereum.

To analyze the challenges of Bitcoin security, the researchers from Trail of Bits registered multiple accounts with mining pool sites to study its code when available.

Security flaws discovered during the process include the fact that ViaBTC, a leading global mining company, assigns the password “123” to its account. Pooling, another mining company, does not even check the login credentials. Slushpool, a mining company that has mined more than 1.2 million Bitcoin since 2010, instructs users to ignore the password.

The three mining companies account for about 25% of the Bitcoin harsh rate, or total computer performance, and their security incompetence expose organizations and individuals to a high risk of cyberattacks. This is because the nodes used by crypto miners can easily be used to flood the network in a so-called Sybil attack using an inexpensive cloud server.

Another security problem in the blockchain is the use of older versions of software that cause software errors and bugs. Software bugs have already caused blockchain errors in Ethereum, and 21% of Bitcoin nodes run on older versions of the notoriously vulnerable Bitcoin Core client known to be vulnerable.

The sources for this piece include an article in TechRepublic.


Related articles

How your smart TV is watching you. Hashtag Trending for Monday, June 17th, 2024

Hashtag Trending is brought you with the generous sponsorship of Zoho Canada. We thank them for making it...

London hospitals cancel over 800 operations after ransomware attack

NHS England disclosed today that a recent ransomware attack on Synnovis has led to the cancellation of hundreds...

Microsoft cancels universal Recall release in favor of Windows Insider preview

Microsoft has decided to cancel the wide release of Recall, the controversial tool for Copilot+ PCs, and instead...

OpenAI’s revenue soars with subscription-based ChatGPT and developer integrations

There are reports that OpenAI has been been experiencing impressive financial growth. The Information reported that the company's...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways