Cosmos Discovers Major Vulnerability Affecting All Blockchains Using IBC
Cosmos developers have announced that they have identified a severe security vulnerability affecting all blockchains utilizing their Inter-Blockchain Communication (IBC) protocol.
1-hour ATOM/USDT Chart on Binance at 08:25 PM on October 14, 2022
On the evening of October 13, Cosmos founder Ethan Buchman revealed that the project discovered a critical security flaw that threatens all blockchains using any version of the IBC protocol.
The vulnerability was detected during a review of Cosmos software following a recent attack on BNB Chain’s cross-chain bridge, which utilizes Cosmos’ tools.
Attention all validators of any IBC-connected chains:
— iqlusion (@iqlusioninc) October 13, 2022
IBC Security Advisory Dragonberry has been released following an audit in the aftermath of the recent BSC exploit.
All IBC-connected chains need to be patched. A public patch to Cosmos SDK is imminenthttps://t.co/j8bZLdrZlg pic.twitter.com/5TVaQE9TxV
Buchman stated:
“Members of Cosmos and Osmosis have conducted a thorough review of IBC after the attack on BNB Chain. We have identified an extremely serious security vulnerability that could impact any blockchain using IBC.”
IBC, which stands for Inter-Blockchain Communication, is a protocol that enables blockchains built on the Cosmos SDK to share information and data with one another. This allows Cosmos to realize its ambition of becoming the “Internet of Blockchains.” Cosmos has recently gained attention through the app-chain trend, which supports the creation of individual blockchains for each dapp to ensure optimal scalability for the future.
Read more: “App-chain” Theory and Cosmos 2.0
To address this vulnerability, all blockchains using Cosmos' IBC will need to implement an update expected to be released on the evening of October 14. Buchman also did not rule out the possibility that blockchains on the Cosmos network may need to experience temporary outages during the fix.
Given the language and actions taken by Cosmos, it’s clear that this vulnerability is highly critical and poses a significant threat to the security of multiple blockchains, though detailed information has yet to be fully disclosed.
As of now, there are 51 blockchains utilizing Cosmos' IBC protocol, including notable names such as Osmosis, Cosmos Hub, Evmos, Injective Protocol, Juno, Cronos, Secret Network, Kava, and Terra.
The discovery of the IBC vulnerability comes at a particularly sensitive time for the crypto market, which has recently witnessed two major attacks on BNB Chain and Mango Markets, each resulting in nine-figure losses, along with a series of hacks targeting smaller protocols.
According to Chainalysis, 2022 is on track to break records for crypto attack damages, with $3 billion already stolen from projects, nearing the $3.2 billion record set in 2021. Notably, October 2022, despite being less than halfway through, has set a new record for the most profitable month for hackers this year, with $718 million in losses.
The price of Cosmos' ATOM token has not shown significant reaction to the news of the severe security vulnerability discovered in the project.
