The Critical Vulnerability Of Tron Disclosed By HakerOne That Could Have Crashed The Network

A recent study has found that $1.6 billion worth Tron network could have crushed through a single computer as it had a critical bug in it. The platform HackerOne published the report on 2nd May.

The report says a huge chance was there to drain all the crypto resources of the Tron network from a single computer. The attack could happen using “bytecode”. It is the technology in which a large piece of bytecode could have been used to drain out all the resources of Tron.

In the report of HackerOne, it is mentioned that using a single machine hacker one could have sent DDOS attack to 51% of nodes that would have left the entire network useless. Although it was confirmed by Tron the bug has been resolved, they have paid $1500 to the researchers to find out the virus.

The network was tightly lipped about the bug until 2nd May, but the bug was first reported on 13th January. On 9th April the latest edition of Tron was released. The network has compensated a total of $878,000 to the researchers for finding out the bug. The researches have reported a total of 15 such bugs although Tron has paid the highest amount of $10000 for a single bounty.

If the bad actors had exploited the Tron network, then its value would have seen a severe dip. The worst the system would have faced is delisting from the exchanges.

Finding out cryptocurrency related bugs have become a lucrative business for white hat hackers. As per a report last year the blockchain companies have paid almost $900,000 to researchers for finding the bugs.

Presently many cryptocurrency companies are using the HackerOne platform to find out the bugs in them. Another cryptocurrency network Monero is also using the HackerOne platform. At the beginning of the current year, the digital currency platform Coinbase has paid $30,000 to a researcher for finding out a critical vulnerability.

In the present year until March, 43 different vulnerabilities were reported to different blockchain related firm. Some of the famous crypto companies including EOS, Monero, and Brave has also received the vulnerability report.

In 2018, independent researchers have earned a total of $878,000 of which half of the money came from the firm behind EOS project,

Presently, the most gainful way to exploit a bug is to report it.

Leave a comment