Second Vulnerability in Bitcoin’s Lightning Network Discovered

2020-10-10 01:10

Developers have found a new vulnerability in the Bitcoin Lightning Network’s node software, according to a recently published disclosure notice.

Few Details Have Been Revealed

Lightning developer Conner Fromknecht disclosed the issue on Oct. 9 on the project’s mailing lists. The disclosure advises node operators to upgrade their software as soon as possible.

It is not clear how serious the vulnerability is. The disclosure does not reveal how the potential exploit works, though it does suggest that the vulnerability has not been exploited “in the wild. Furthermore, the bug has already been fixed: version 0.11 of the Lightning Network software solves the problem and was released in late August, which means that many Lightning node operators have already installed the fix.

However, the team notes that the vulnerability was discovered in such a way that the disclosure process has been shortened. Full details about the bug will be released on Oct. 20.

Lightning Labs also says that it will begin a “comprehensive bug bounty program” in the near future, meaning that there will be monetary rewards for those who discover future bugs.

Lightning Network Security in Question

The Lightning Network is a still-developing layer-2 payment protocol that operates on top of Bitcoin, enabling faster and cheaper transactions on the network.

This is the second time a vulnerability has been discovered in Lightning’s node software. Last year, Bitcoin developer Rusty Russell found a separate vulnerability that allowed attackers to steal funds by sending invalid transactions. Though Lightning Labs never announced how many users fell victim to the exploit, the team confirmed that the vulnerability was indeed exploited “in the wild.”

Both of these bugs concern short-lived programming oversights, not security issues that are fundamental to the design of Lightning itself. Many see Lightning Network as the most promising way to speed up Bitcoin transactions and reduce transaction fees. Major crypto companies like Bitfinex and CoinGate have adopted the Lightning Network without any apparent issues.

On the other hand, Lightning Labs itself has stated that the project is in its “early stages” and has advised users not to “put more money on Lightning than [they are] willing to lose.” As such, it is not clear whether the Lightning Network is truly ready for prime time.

origin »

Bitcoin price in Telegram @btc_price_every_hour

Decentralized Vulnerability Platform (DVP) на Currencies.ru

$ 0 (+0.00%)

Объем 24H $0

Изменеия 24h: 0.00 %, 7d: 0.00 %

Cегодня L: $0 - H: $0.0003303

Капитализация $0 Rank 99999

Цена в час новости $ 0.0259254 (-100%)

network discovered lightning bitcoin vulnerability second

246 +

Источник: cryptobriefing.com

network discovered → Результатов: 60

Hackers Have Been Using Dogecoin to Deploy Malware for 6 Months & No One Noticed

Researchers at Intezer discovered a new malware that relies on the Dogecoin blockchain network to deploy the attack against cloud servers.

2020-7-31 01:00	dogecoin
deploy dogecoin malware relies new servers blockchain

528 +

The Mysterious Satoshi Nakamoto Allegedly Leveraged a Russian Proxy for Communications

4,171 days ago in 2009, Satoshi Nakamoto invoked the Bitcoin network after sharing the white paper with people since Halloween 2008. Just recently, it has been discovered that Nakamoto leveraged a Russian proxy to obfuscate his whereabouts and the inventor used the proxy back in January 2009.

2020-6-6 17:50
nakamoto proxy satoshi 2009 russian leveraged discovered

925 +

Microsoft: Russian government hackers are targeting IoT devices

Microsoft today warned that Russian government hackers have been using video decoders, printers, and internet of things devices to breach computer networks. In a blog post, the Microsoft Threat Intelligence Center wrote that the “devices became points of ingress from which the actor established a presence on the network and continued looking for further access.

2019-8-6 03:36	Insider
microsoft devices hackers russian actor government video

657 +

LinkedIn fixed a flaw that let someone post a job opening for Google’s CEO position

LinkedIn has closed a loophole that allowed almost anyone to post a job listing on company pages without any authorization. Netherlands-based recruiter Michel Rijnders discovered the problem and posted his findings on the Microsoft-owned professional social network.

2019-7-29 08:11	Tech
linkedin job google company loophole flaw page

324 +

Binance suddenly finding $775,000 in XLM is totally not a publicity stunt

Prominent cryptocurrency exchange Binance has apparently stumbled upon almost 10 million Stellar (XLM) tokens, worth $775,000 — you know, just laying around. According to a Binance blog post, the firm had been unknowingly receiving dividends for validating transactions on the Stellar network since August 31 2018.

2019-7-18 18:56	hard fork
binance xlm stellar had 775 cryptocurrency worth

408 +

Block Size Debate Rehashed: Incentives to Run a Full Node Versus a Low Fee Market

Recently, Bitcoin users discovered that many 2 MB blocks were showing up as a result of SegWit adoption and a resulting increase in block capacity. Throughput on the Bitcoin network went from three transactions per second to seven transactions per second for these select blocks.

2019-7-11 17:00	SegWit
bitcoin block second blocks per btcmanager transactions

359 +

A hacker penetrated NASA’s network using a $35 Raspberry Pi

A hacker illegally accessed NASA’s Jet Propulsion Laboratory in 2018 by targeting an off-the-shelf micro-computer called a Raspberry Pi. The breach was discovered in 2018, but just disclosed to the public in a June 18 report.

2019-6-25 02:00	security
raspberry nasa hacker micro-computer discovered 2018 network

374 +

BlackSquid Malware Exploiting Web Servers to Mine Monero (XMR)

Cybersecurity researchers have discovered BlackSquid, a new malware family that exploits unpatched loopholes in web servers, network drives, and removable drives to mine privacy-centric monero (XMR), according to a TrendMicro report on June 3, 2019.

2019-6-5 09:00	XMR
monero web malware blacksquid exploits xmr servers

404 +

Data Breach Report From Instagram Raises Concerns About Upcoming Facebook’s Digital Currency

Facebook, the most popular social network in the world, has been affected by different data leaks over the last years. This has harmed users and individuals that had data stored on their platform. Now, the security researcher Anurag Sen discovered that there was a public Amazon Web Services (AWS) database that had the information of […]

2019-5-21 18:33	Facebook
data facebook had platform researcher security individuals

366 +

Op Ed: Hanging Money Launderers Out to Dry: The Role of KYC/AML in Blockchain

Crime isn’t supposed to pay, but sometimes the wages of sin are paid in bitcoin. Last week, Japanese police reported that 2018 saw a tenfold increase of cryptocurrency money laundering.

2019-3-20 16:49	Op-ed
cryptocurrency world blockchain aml money kyc technology

767 +

Will This Vulnerability Finally Compel Bitmain to Open Source Its Firmware?

As if Bitmain’s year hasn’t been rough enough, having posted big losses and laying off entire departments, its flagship product now has a firmware vulnerability. A few weeks ago, Bitcoin Core contributor James Hilliard discovered an exploit in Bitmain’s S15 firmware.

2019-2-21 23:44	Mining
firmware bitmain hilliard vulnerability source bitcoin open

757 +

How Will Ethereum Hark Fork Effect Prices This Time Around?

Just 48 hours before the planned Constantinople hard fork for Ethereum the brakes were anchored on as a network code vulnerability was discovered. The price of Ethereum took a dive and the upgrade was postponed until the end of this month.

2019-2-14 12:00
ethereum fork constantinople prices effect hark around

341 +

Edward Snowden Shows Support of Zcash (ZEC) Despite Recent Controversies

Zcash has been in the news recently for all the wrong reasons. Their team discovered and fixed a huge vulnerability of its system. Following that they said that vulnerability would have allowed hackers to counterfeit ZEC on the network, which would be a huge problem for the company. By using this bug, someone could print […]

2019-2-6 18:36	News
huge zec vulnerability zcash said network counterfeit

370 +

Zcash Fixes And Discloses Vulnerabilities That Would Allow For Infinite ZEC Counterfeiting

The Zcash team has recently discovered and fixed a huge vulnerability of its system. Now, the team explained all about it on its official site. This vulnerability would have allowed hackers to counterfeit ZEC on the network, which would be a huge problem for the company. By using this bug, someone could print infinite ZEC […]

2019-2-6 04:52	News
zec team zcash vulnerability huge infinite network

339 +

Parity Urges Users to Upgrade Ethereum Nodes Following Bug Discovery

Parity users have been told to upgrade their nodes after a vulnerability was discovered on February 3, 2019. Killing Bugs An attack on a blockchain is one of the most destabilizing things that could happen to a network, as can be seen with the 51 percent attack that took place on the Ethereum Classic networkRead MoreRead More.

2019-2-5 15:00	security
blockchain attack parity nodes users upgrade ethereum

273 +

BitcoinSV ‘feature’ exploited to store child abuse imagery on the blockchain

A change to the Bitcoin Satoshi’s Vision (BSV) protocol has inadvertently led to child exploitation material being posted to its blockchain, forcing apps and block explorers into actively monitoring the network for illegal content.

2019-2-4 19:22	hard fork
blockchain bsv network child imagery content site

367 +

New Mac Malware Can Steal Crypto from Exchanges, Can it be Prevented?

Unit 42, the global threat intelligence team at Palo Alto Network, discovered Mac malware that can steal cookies linked to crypto exchanges and wallets. Although usernames and passwords may not be sufficient to initiate withdrawals at crypto exchanges, if hackers manage to steal a combination of login credentials, web cookies, authentication cookies, and SMS data, it could steal user funds.

2019-2-2 21:32	Samsung
steal cookies exchanges crypto mac malware combination

389 +

Ethereum blockchain undergoes massive cryptocurrency gambling exodus

Cryptocurrency gamblers have left Ethereum-based decentralized apps (dApps) en masse. They’ve converted almost entirely to gambling on competing networks, taking their transactional volume with them.

2019-1-29 20:18	hard fork
dapps eos percent gambling dollar cryptocurrency deployed

289 +

Discredited Tron Accelerator to spawn more gambling dApps on Justin Sun’s network

Taking a break from the ongoing NiTROn 2019 conference, TRON foundation took to Medium to update the community on the TRON Accelerator situation. TRON was heavily criticized for certain issues that were previously discovered by the community regarding TRON Accelerator, project’s native development motivation program.

2019-1-19 11:49	Crypto Journal
tron accelerator discredited community issues network sun

307 +

Ethereum hardfork postponed due to security issues

The long-awaited Constantinople hard fork of the Ethereum network will be held later. A potential vulnerability has been discovered in the update code that compromises the entire network.

2019-1-16 00:43	News
ethereum network vulnerability potential later discovered compromises

342 +

Flaw Discovered in Lightning Network’s Cross-Chain Functionality

While the Lightning Network is mostly known as a way to make Bitcoin payments instant and practically free, another often-touted aspect of the layer-two protocol has been its ability to enable a sort of decentralized exchange as a side effect of its original goals.

2019-1-10 16:22	litecoin
functionality network lightning flaw discovered cross-chain goals

282 +

Starwood breach affecting 500M users reportedly part of a larger Chinese state-sponsored attack

Remember that massive breach of the Mariott-owned Starwood hotel chain from last month, which saw 500 million users’ data stolen? The New York Times reports that the intrusion was part of a larger state-sponsored intelligence-gathering effort spurred on by China‘s spy agency, the Ministry of State Security.

2018-12-12 09:46	United States
attack breach security starwood part larger chinese

354 +

Starwood breach affecting 500m users reportedly part of a larger Chinese state-sponsored attack

2018-12-12 09:46	United States
attack breach security starwood part larger chinese

339 +

Bug in NEO’s Blockchain Allows Hackers to Steal Remotely

A post on Chinese microblogging website Weibo has revealed that certain NEO users may be affected by a critical software vulnerability that could potentially lead to loss of tokens. The bug was reportedly discovered by another Chinese company, Tencent Security.

2018-12-3 21:00	Tencent
neo users chinese bug vulnerability blockchain company

330 +

Ethereum Vulnerability Could Have Allowed Attackers to Drain Hot Wallets

A recent vulnerability in the Ethereum network could have reportedly allowed hackers to gain massive profits from cryptocurrency exchanges which haven’t set up a Gas usage limit. A Critical Vulnerability A group of researchers discovered a vulnerability in Ethereum which allowed attackers to drain exchanges by burning their ETH on high transaction costs or to benefit directly by minting GasToken.

2018-11-27 02:00	#hackers
vulnerability ethereum allowed exchanges drain attackers could

435 +

The Battle Of BCH Blockchain Hash Power: ABC Chain Manages To Surge Ahead BSV By Design?

There was a major public sensation as eyes were fixed on the Bitcoin Cash network over the latter part of this week. This was because of the blockchain split which took place, breaking it into two after the last common block was discovered within the chain, spanning an overall height of 556766. As of right […]

2018-11-20 10:56	News
chain blockchain two breaking took split week

309 +

Just the Facts: An Unembellished Examination of Ross Ulbricht's Arrest

The Let’s Talk Bitcoin Network hosts several podcasts for regular discussion topics in the world of blockchain and cryptocurrency, including the popular weekly show What Bitcoin Did.

2018-11-20 22:58
ulbricht road silk part campaign case information

602 +

University shuts down its entire network to stop Bitcoin crypto-jackers

A Canadian university had to shut down its entire campus network after it discovered hackers had hijacked its computing power to surreptitiously mine cryptocurrency – Bitcoin, to be exact. In a statement released earlier this week, Nova Scotia-based St.

2018-11-7 13:44	hard fork
bitcoin university network hackers attack systems down

459 +

EOS Not Even a Blockchain, Whiteblock Study Claims

Blockchain testing platform Whiteblock studied whether the EOS network’s metrics coincided with the advertised figures and discovered significant discrepancies.

2018-11-5 18:31	News
eos whiteblock blockchain coincided advertised discrepancies significant

280 +

Ethereum’s Smart Contracts Lack Diversity, Posing Risk to Entire Network

Although Ethereum is the second most popular cryptocurrency, with a market capitalization of $21. 47 billion, and has the strongest developer community network, a University-based research paper recently discovered that most contracts on the Ethereum network are direct or near-direct copies of other contracts.

2018-11-5 14:59	ethereum
ethereum network contracts lack most smart cryptocurrency

353 +

Bitcoin and Bitcoin Cash Used on the Dark Web to Buy Stolen Facebook Accounts

The Independent, a media news site, reported Sept. 29 that Facebook, the world’s largest social media network, discovered another embarrassing hack in mid-September, just a few months after the infamous Cambridge Analytica scandal.

2018-10-8 17:59	Bitcoin Cash
bitcoin facebook media accounts social cash dark

371 +

Op Ed: There Is a Satoshi of Truth in Every Joke

This rather long meme, which has been circulating lately, makes fun of the views of Bitcoin supporters by listing commonly made statements and contrasting them with contradicting statements or developments.

2018-10-4 22:27	Op-ed
bitcoin network protocol should rules node people

627 +

Bitcoin Core Dev Takes Responsibility for Critical Bug: “I’m Embarrassed and Sorry”

John Newbery, a Bitcoin Core developer and contributor to cryptocurrency research and development group Chaincode Labs, takes responsibility for a critical bug recently discovered on the Bitcoin network.

2018-9-24 14:00	Bitcoin Cash
bitcoin bug critical core responsibility takes cryptocurrency

376 +

Bitcoin Flaw Discovered: Inflation Attack Creates Bogus BTCs

The disclosure brings to question whether state-sponsored or organized hackers would have succeeded in exploiting the Bitcoin software bugs had they known about them to threaten what was thought to be an impregnable blockchain network.

2018-9-24 14:00
bitcoin discovered inflation software flaw creates btcs

383 +

Let’s Talk Bitcoin: Authority in a Decentralized System

On the most recent episode of Let’s Talk Bitcoin!, the hosts discuss the now-defunct Bitcoin Alert system, devised by Satoshi himself. A rarity in the podcast space, this episode’s exploration involved no guest appearances, instead relying on the wealth of experience that Adam B.

2018-9-22 22:58
bitcoin system alert network episode satoshi andreas

524 +

How scooters could save Mexico City from being the world’s most polluted city

Grin is the mobility startup that has Mexico City’s dwellers scooting about the city with an easier, quicker, and more sustainable travel option. Latam. tech spoke to the team behind Grin to find out more.

2018-9-15 10:11	Syndication
city mexico grin sustainable travel out using

314 +

Bitcoin Core Developer Saves Bitcoin Cash from Crippling Vulnerability

A critical vulnerability in the Bitcoin Cash network was discovered in the nick of time by a benevolent Bitcoin Core developer.

2018-8-13 16:15	News
bitcoin vulnerability cash developer core nick time

329 +

Wormhole Bitcoin Cash (BCH) Smart Contract Platform Gets New Developments

Today on the 9th of August 2018, Wormhole was discovered by users on the Bitcoin Cash Network. No, I'm not talking about something in space – the very real company in platform developed by Bitmain, operating as a subsidiary of the main company.

2018-8-11 20:19	News
wormhole talking company platform cash bitcoin bitmain

415 +

Distributed Dialogues: Blockchain’s Better Side

The fact that great responsibility accompanies great power has become crystal clear in the blockchain world. While blockchains are most commonly connected with commerce, the potential impact of distributed ledgers is being discovered in fresh sectors daily.

2018-8-10 20:51
data blockchain make human flux behlendorf impact

726 +

Security Researchers Discover Sophisticated Twitter Crypto Botnet

On August 6, 2018, two security researchers at Duo Security who were studying Twitter automation patterns, stumbled upon a vast network of Twitter bot accounts promoting crypto fraud. The sophisticated network was accidentally discovered while the researchers were looking into how to create a methodology for accurately identifying Twitter bots.

2018-8-8 00:00	#twitter
twitter security researchers crypto sophisticated network btcmanager

319 +

Tron (TRX) Foundation Hands Over Bug Bounty Program to HackerOne

The Tron (TRX) Foundation had a Mainnet Bug Bounty program aimed at rewarding developers who discovered potential technical vulnerabilities in the Tron Mainnet. Through this project, the Tron Foundation was hoping to attract global leaders in network security so as to sustain the Tron mainnet and make it the most secure and stable public blockchain in […] The post Tron (TRX) Foundation Hands Over Bug Bounty Program to HackerOne appeared first on Ethereum World News.

2018-7-15 16:52
tron foundation mainnet program bounty bug trx

377 +

Opinion: EOS vulnerabilities will cause "massive exchange hack"

The EOS network has just started producing its blocks, but one well-known researcher of blockchain already warns that EOS vulnerabilities not yet discovered in the code will become the cause of a "massive exchange hack" in the near future.

2018-6-20 17:48	News
eos exchange hack massive vulnerabilities cause already

457 +

Vote Threshold Is Met: EOS Can Finally Launch Its Platform

According to data from EOS Authority, EOS has finally acquired the minimum votes required for its network to go live. After EOS failed to launch its platform on its projected launch date of June 2, a live-stream vote was called, where users voted “Go” to launch the blockchain network.

2018-6-15 03:10	Digital assets
eos votes vulnerabilities launch network vote token

804 +

дальше еще 11 новостей →

Партнеры Currencies.ru

Реклама на Currencies.ru

Самое свежее на Currencies.ru

OpenAI’s Internal Memo Attacks Anthropic Over Revenue

OpenAI circulated an internal memo this week directly attacking rival Anthropic, accusing it of inflating its $30 billion revenue figure by roughly $8 billion as Claude’s grip on enterprise AI becomes increasingly hard for the company to dismiss. OpenAI’s chief…

Crypto AI project OpenServ claims to beat OpenAI in direct benchmark comparisons

Crypto AI company OpenServ is trying to sell two things at once: an AI infrastructure story and a crypto token story. Its claim that its new model, SERV Nano, can match or beat OpenAI on some tasks has made that pitch more interesting, but they have also raised the standard of proof.

X to roll out auto-lock feature for first-time crypto mentions

X plans to auto-lock and verify first-time crypto mentions as Head of Product Nikita Bier says the move could curb phishing scams on X. The post X to roll out auto-lock feature for first-time crypto mentions appeared first on Crypto Briefing.

As quantum ‘Q-Day’ jumps to 2029, Ethereum faces a new fight over what to do with coins left in old wallets

The crypto industry has framed its quantum reckoning as a single catastrophic “Q-Day” moment when a sufficiently powerful machine arrives, old cryptographic keys shatter, and blockchain history unravels.

How Cravin uses provably fair verification in mystery boxes

Cravin combines provably fair verification with a Fair Value Guarantee that returns the difference in Credits when an item lands below the box price, pairing auditability with a smoother user experience.

Trump taps Meta, Nvidia, and a16z leaders for new tech council

The inclusion of tech leaders in PCAST could accelerate U.S. innovation, impacting global tech dominance and shaping future job markets. The post Trump taps Meta, Nvidia, and a16z leaders for new tech council appeared first on Crypto Briefing.

Elon Musk unveils Terafab in bid to unlock massive AI compute in space

Musk's Terafab could revolutionize AI compute, enabling unprecedented space infrastructure and advancing human expansion beyond Earth. The post Elon Musk unveils Terafab in bid to unlock massive AI compute in space appeared first on Crypto Briefing.

2020-10-10 01:10

network discovered → Результатов: 60

2020-7-31 01:00

2020-6-6 17:50

2019-8-6 03:36

2019-7-29 08:11

2019-7-18 18:56

2019-7-11 17:00

2019-6-25 02:00

2019-6-5 09:00

2019-5-21 18:33

2019-3-20 16:49

2019-2-21 23:44

2019-2-14 12:00

2019-2-6 18:36

2019-2-6 04:52

2019-2-5 15:00

2019-2-4 19:22

2019-2-2 21:32

2019-1-29 20:18

2019-1-19 11:49

2019-1-16 00:43

2019-1-10 16:22

2018-12-12 09:46

2018-12-12 09:46

2018-12-3 21:00

2018-11-27 02:00

2018-11-20 10:56

2018-11-20 22:58

2018-11-7 13:44

2018-11-5 18:31

2018-11-5 14:59

2018-10-8 17:59

2018-10-4 22:27

2018-9-24 14:00

2018-9-24 14:00

2018-9-22 22:58

2018-9-15 10:11

2018-8-13 16:15

2018-8-11 20:19

2018-8-10 20:51

2018-8-8 00:00

2018-7-15 16:52

2018-6-20 17:48

2018-6-15 03:10

Партнеры Currencies.ru

Реклама на Currencies.ru

Самое свежее на Currencies.ru

Add news: propose for publication, Submit ICO