Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Bitcoin Security Privacy The Internet Technology

Last Year's ICOs Had Five Security Vulnerabilities On Average, Say Researchers (bleepingcomputer.com) 44

An anonymous reader quotes a report from Bleeping Computer: Security researchers have found, on average, five security flaws in each cryptocurrency ICO held last year. Only one ICO held in 2017 did not contain any critical flaws. According to Positive.com, a security firm specialized in ICO security audits, most of the vulnerabilities they found, they discovered in the smart contracts at the base of the ICO itself.

"71% of tested projects contained vulnerabilities in smart contracts, the heart and soul of an ICO," the company said. "Once an ICO starts, the contract cannot be changed and is open to everyone, meaning anyone can view it and look for flaws. Typically, these would consist of non compliance with the ERC20 standard (the token interface for digital wallets and cryptocurrency exchanges), incorrect random number generation and incorrect scoping amongst others," Positive.com experts say. "Generally, these vulnerabilities occur due to lack of programmer expertise and insufficient source code testing."
According to the researchers, all the mobile apps ICO organizers have launched in 2017 contained security flaws. "The most common flaws in mobile apps are the use of insecure data transfer methods, storage of user data in phone backups, and disclosure of session IDs that an attacker could capture and use against the user," reports Bleeping Computer. Security bugs were also found in the web apps.
This discussion has been archived. No new comments can be posted.

Last Year's ICOs Had Five Security Vulnerabilities On Average, Say Researchers

Comments Filter:
  • Remind me again... (Score:2, Insightful)

    by Noryungi ( 70322 )

    ... why I should invest some $$$ in the shitcoin "du jour"?

    I have always said that computer security is a huge mess. As the crypto-currencies gain value, they provide more and more incentives to bad guys to hack your computer to get at your wallet.

    • by Anonymous Coward

      Windows 3.0 was perfectly secure because it didn't have networking, and Windows 10 is touted as the most secure version of Windows ever, therefore its security must be perfect.

  • "Only one ICO held in 2017 did not contain any critical flaws."

    And that one would be...?

  • Who the heck thinks these things are a good idea, beyond the fraudsters at the top of the pyramid?! Of course shortcuts are taken... after the first round of suckers, who really gives a s#!t?

  • "According to the researchers, all the mobile apps ICO organizers have launched in 2017 contained security flaws."

    My, that's awkward. Maybe they'll do better in 2018. ... or 2019 ... or 2020.

    I'm confident that if they prsevere, they can create a cryptocurrency that is merely pointless instead of being pointless and fatally flawed.

If all else fails, lower your standards.

Working...