New Core Patch Fixes Bitcoin Network Vulnerability to DDoS AttacksThe Bitcoin Core team yesterday released a patch for a DDoS vulnerability that could prove fatal to the Bitcoin network.
The patch note urged miners to shut down their older versions urgently and replace them with the new version, Bitcoin Core 0.16.3. The announcement, first reported on Hacked, revealed that all the recent Bitcoin Core versions could be vulnerable to Distributed Denial-of-Service attack. An attack of such kind typically involves multiple compromised systems to flood a single system (or network) – similar to zombies encircling an uninfected person and disabling his movements.
DDoS perpetrators could attack a Bitcoin network by either flooding the block with duplicate transactions, thus jamming the transaction confirmation of other people, or by flooding the nodes on Bitcoin’s peer-to-peer network, thus over-utilizing the bandwidth through malicious transaction relays. The recent DDoS vulnerability, termed as CVE-2018-17144, tried to attempt the latter – flooding full node operators with traffic. Hacked reports:
“The way the potential exploit could work was by allowing anyone who was capable of mining a sufficient number of proof of work blocks to crash Bitcoin Cores running software versions 0.14.0 to 0.16.2.”
It also means that the miners who occasionally run Bitcoin Core were not vulnerable to the attack. Still, developers recommended all the miners to go ahead with the latest update to stay safe. Also, the patch fixed some other minor bugs related to consensus, RPC, invalid flag errors, and documentation.
https://www.ccn.com/new-core-patch-fixes-bitcoin-network-vulnerability-to-ddos-attacks/