Security vulnerabilities left unchecked in blockchain systems and smart contracts can lead to disaster for cryptocurrency investors.
Month after month data breaches and security incidents occur at both well-known cryptocurrency exchanges and startups.
Cyberattackers target Initial Coin Offerings (ICOs) to rinse investor funds, hackers use 51 percent attacks to dominate mining pools, and bugs in the blockchain itself can tear away the foundations of successful cryptocurrency-based economies.
Unless the building blocks of a cryptocurrency are stable, creating a successful ecosystem is close to impossible — and this does not just include market control, but cybersecurity.
Blockchain solution EOS, developed by Block.one, touts itself as the “most powerful infrastructure for decentralized applications.”
Powerful, perhaps, but not as secure as it could be.
TechRepublic: Ethereum: A cheat sheet for professionals
The company offered a minimum bounty of $10,000, a financial reward that bug bounty hunter Guido Vranken is enjoying.
The ethical hacker reported a number of vulnerabilities in the core EOSIO software, earning him $80,000 in one day. However, additional bugs have been submitted, which Vranken believes tallies up to a total of $120,000.
Due to the bug bounty hunter’s success, the startup offered Vranken a permanent role, although there is no information available on whether or not the job has been accepted.
The Cayman Islands-based startup managed to raise $4 billion during its ICO, despite the lack of a live product.
Vranken is evidently skilled at finding bugs, but the fact that one individual was able to find at least 12 vulnerabilities in one week while working alone suggests that EOS should take its code more seriously.
If it does not, the ICO, funding, and hype around its decentralized projects could all end up neutralized with one successful attack or data breach.