DoS Flaw in Bitcoin

Friday, May 18, 2012 @ 01:05 PM gHale


Bitcoin fixed a flaw that allowed malicious users to perform denial of service (DoS) attacks on a victim’s node, which then stopped accepting network updates.

Bitcoin is an anonymous digital currency system. To send and receive payments, Bitcoin nodes encode the transfer information into blocks of data, which then aggregate into a globally distributed block chain.

Each transaction is cryptographically signed and links to the previous one. For this system to work, the user’s client needs to communicate with the global network frequently in order to keep up to date with the transactions that occurred since the last time it was online. If a node is isolated from the network for a significant amount of time, it cannot initiate or receive transfers of bitcoins.

The developers have not yet explained how an attacker can exploit the vulnerability in the Bitcoin software because they want to give users sufficient time to patch their clients before releasing information hackers could use to reverse engineer a working exploit.

Developers did, however, release version 0.6.2 of the client, which fixes the problem. Backports of the fix for versions 0.5.5 and 0.4.6 are also available. The developers said the vulnerability cannot compromise users’ wallets.

The Bitcoin client is available for Windows, Mac OS X and Linux.


