As per a report by leading tech news outlet TheNextWeb (TNW), white hat hackers have found over 40 bugs in blockchain and crypto platform in the past 30 days. TNW also reported that in a study of over 13 platforms, a total of 43 vulnerabilities were discovered.
Tendermint, a consensus algorithm and peer-to-peer(P2P) network protocol was found to have four bugs. Decentralized prediction market protocol Augur and smart contracts platform Tezos were a close second with three bugs each. Further, Monero, MyEtherWallet, and ICON were reported to have two vulnerabilities each.
Unikrn was reported to have most vulnerability reports, having a total of 12 bugs. OmiseGo developer Omise was found to have six reports. Whereas, EOS grabbed third place with five bugs.
Leading US-based crypto exchange Coinbase and Brave software, reportedly received one vulnerability each.
The hackers amassed a total of $23,675 dollars for their endeavors. Moreover, Tendermint pooled $8,500. Unikrn awarded $1,375 and EOS shelled out $5,5000 in rewards. Per TNW the low bounty indicates that bugs were not critical.
On the other hand, more than tens of thousands of dollars were shelled out by EOS to white hat hackers who discovered vulnerabilities in the platform. This marks a big improvement from the staggering amount of $120,000 it once awarded to a security researcher who found a series of flaws in its platform.
Interestingly, earlier this week major hardware wallets manufacturer Ledger discovered vulnerabilities in Trezor’s devices, its competitor. The report unveiled that Trezor device could possibly be imitated simply backdooring the device with malware. Moreover, it would look as good as new by simply re-sealing it in its box and putting a tamper-proof sticker.
Trezor refuted all the claims made by Ledger and mentioned that none of the vulnerabilities revealed by Ledger are critical for hardware wallets. As per Trezor, a hacker cannot exploit it remotely, as the attacks described require physical access to the device with specialized equipment, a good amount of time and technical expertise.
Trezor further states that the results of the recent security survey performed in partnership with major cryptocurrency exchange Binance that only 6 percent of respondents believe that physical attack can be a plausible threat to their crypto funds. On the other hand, 66 percent claim they consider remote attacks the main problem.