The United States is Monitoring Vulnerabilities in Bitcoin

The United States has shown a keen interest in the cybersecurity aspects of Bitcoin, particularly honing in on a vulnerability associated with the Ordinals Protocol in 2022.
The National Vulnerability Database, overseen by the National Institute of Standards and Technology, a branch of the U.S. Department of Commerce, has brought attention to this issue for public awareness.
This underscores the growing focus of government agencies on the security dimensions of cryptocurrencies.
The vulnerability at the core of this development is specific to certain versions of Bitcoin Core and Bitcoin Knots.
It enables the bypassing of the datacarrier limit by disguising data as code.
In practical terms, this vulnerability could result in the Bitcoin network being inundated with non-transactional data, potentially causing congestion in the blockchain and affecting performance and transaction fees.
This concern is not merely theoretical, as evidenced by the exploitation of the Ordinals inscriptions in 2022 and 2023.
The Ordinals gained prominence in late 2022, involving the embedding of additional data onto a satoshi, the smallest Bitcoin unit, similar to the concept of nonfungible tokens on the Ethereum network.
The increased usage of Ordinals transactions has led to heightened network congestion, resulting in elevated transaction fees and slower processing times.
For blockchain enthusiasts, these issues are not just technical glitches but critical challenges that could influence the future trajectory of Bitcoin.
Luke Dashjr, a Bitcoin Core developer, has been outspoken about this vulnerability, likening it to receiving a flood of junk mail that obstructs essential communications.
This metaphor aptly encapsulates the essence of the vulnerability, disrupting the otherwise streamlined process of Bitcoin transactions.
In response to these concerns, a patch has been developed in Bitcoin Knots v25.1.
Dashjr notes that Bitcoin Core remains vulnerable in its upcoming v26 release.
He expresses hope that the issue will be addressed in the v27 release next year.
The implications of this vulnerability and its subsequent patching are substantial.
Rectifying the bug could limit Ordinals inscriptions, although existing inscriptions would persist due to the immutable nature of the network.
This situation underscores a broader theme in the cryptocurrency world: the constant evolution and the need for vigilance in maintaining network security.
The involvement of U.S. federal agencies in tracking and cataloging these vulnerabilities may signify a step toward more robust and secure blockchain technologies.
While the identification of Bitcoin's vulnerability by the NVD serves as a cautionary tale, it also presents an opportunity for growth and improvement in the cryptocurrency ecosystem.


This Cyber News was published on www.cysecurity.news. Publication date: Wed, 13 Dec 2023 16:43:04 +0000


Cyber News related to The United States is Monitoring Vulnerabilities in Bitcoin

Tracers in the Dark: The Global Hunt for the Crime Lords of Crypto - Y is the author of a book I can very greatly recommend, with the fascinating title Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency. As I dug into this cypherpunk world, around 2010 and 2011, I came upon this thing that ...
1 year ago Nakedsecurity.sophos.com
Crypto Enthusiasts Embrace New Frontier: Investing in Bitcoin ETFs Explained - This was the first time the Securities and Exchange Commission approved an exchange-traded fund that contained bitcoin, but the Commission stressed that its decision does not mean it endorses or approves Bitcoin, but that it remains deeply sceptical ...
9 months ago Cysecurity.news
The United States is Monitoring Vulnerabilities in Bitcoin - The United States has shown a keen interest in the cybersecurity aspects of Bitcoin, particularly honing in on a vulnerability associated with the Ordinals Protocol in 2022. The National Vulnerability Database, overseen by the National Institute of ...
10 months ago Cysecurity.news
Comprehensive Cloud Monitoring Platforms: Ensuring - Platforms for comprehensive cloud monitoring come into play in this situation. In this article, we will explore the significance of comprehensive cloud monitoring platforms and delve into some leading solutions available in the market today. ...
11 months ago Feeds.dzone.com
Here's Some Bitcoin: Oh, and You've Been Served! - The case is thought to be first in which a federal court has recognized the use of information included in a bitcoin transaction - such as a link to a civil claim filed in federal court - as reasonably likely to provide notice of the lawsuit to the ...
9 months ago Krebsonsecurity.com
Navigating the Paradox: Bitcoin's Self-Custody and the Privacy Challenge - Self-custody in Bitcoin refers to individuals holding and controlling their private keys, which in turn control their bitcoin. This concept is akin to securing physical gold in a personal safe rather than relying on a bank or third-party custodian. ...
9 months ago Cysecurity.news
CVE-2024-38365 - The btcd Bitcoin client (versions 0.10 to 0.24) did not correctly re-implement Bitcoin Core's "FindAndDelete()" functionality. This logic is consensus-critical: the difference in behavior with the other Bitcoin clients can lead to btcd clients ...
4 weeks ago Tenable.com
SEC Approves Bitcoin ETFs, Crypto Industry Rejoices - The US securities regulator has officially approved the first US-listed exchange traded funds to track bitcoin, in what is being labelled a watershed moment for the world's largest cryptocurrency, as well as the broader crypto industry. Earlier this ...
9 months ago Silicon.co.uk
Monitoring Your Files for Security and Compliance | Tripwire - This may seem like a heck of a statement, but when you are monitoring against a cryptographic value or other attributes (including content), even the slightest deviation is a valid change & that change is detected and processed according to local ...
1 month ago Tripwire.com
Bitcoin Core Flaw Raises Concerns Regarding Blockchain Integrity - The blockchain's defence against spam may have a weakness, as this discovery has sparked concerns in the cryptocurrency community. According to Dashjr, Dashjr, Bitcoin Core users have been able to set limits on extra data in transactions using the ...
10 months ago Cysecurity.news
Addressing Bias in Insider Risk Monitoring - Enterprises often take similar steps to protect data from internal and outside threats, where teams analyze activities to identify potential risks. Security operations centers defending against these threats must look at employees, partners, and ...
8 months ago Cyberdefensemagazine.com
Addressing Bias in Insider Risk Monitoring - Enterprises often take similar steps to protect data from internal and outside threats, where teams analyze activities to identify potential risks. Security operations centers defending against these threats must look at employees, partners, and ...
7 months ago Cyberdefensemagazine.com
US Uses Visa Restrictions in Struggle Against Spyware - The United States will impose visa restrictions on foreign individuals who have been involving the misuse of spyware, the latest effort by the Biden Administration to address the dangers of the commercial software that often is used by governments ...
9 months ago Securityboulevard.com
SEC Twitter hacked to push fake news of Bitcoin ETF approval The Register - Breaking The SEC today said its Twitter/X account was hijacked to wrongly claim it had approved hotly anticipated Bitcoin ETFs, causing cryptocurrency to spike and then slip in price. In the past few minutes, the tweet was vanished. The SEC has not ...
9 months ago Go.theregister.com
El Salvador to Offer Citizenship for a $1 Million Bitcoin 'Investment' - Last week, the El Salvador government, along with the stablecoin company Tether, joined in an initiative called 'Adopting El Salvador Freedom,' which will enable foreigners to obtain a Salvadoran passport in exchange for a million dollars in Bitcoin. ...
10 months ago Cysecurity.news
A Russian Individual Admits to Illegally Moving Funds Obtained from Ryuk Ransomware - On Tuesday, Russian citizen Denis Mihaqlovic Dubnikov pleaded guilty to laundering money for the notorious Ryuk ransomware group for over three years. In November 2021, Dubnikov was arrested in Amsterdam and extradited to the United States in August ...
1 year ago Bleepingcomputer.com
A Russian Individual Suspected of Cleaning Funds Obtained from Ransomware Assaults - On Tuesday, 6 February 2023, Denis Mihaqlovic Dubnikov, a Russian national, admitted to the charges of laundering money obtained from cyberattacks conducted by the Ryuk ransomware group over a three-year period. Dubnikov, a former crypto-exchange ...
1 year ago Heimdalsecurity.com
Fighting For Your Digital Rights Across the Country: Year in Review 2023 - EFF works every year to improve policy in ways that protect your digital rights in states across the country. Thanks to the messages of hundreds of EFF members across the country, we've spoken up for digital rights this year from Sacramento to ...
10 months ago Eff.org
China Issues Alert on Geographical Information Data Breaches Impacting Transportation and Military - China has recently issued a stern warning regarding the use of foreign geographic software, expressing serious concerns about the potential leakage of critical information related to its essential infrastructure and military. This cautionary move ...
10 months ago Cysecurity.news
'Fugitive' Spanish aristocrat behind North Korea cryptocurrency conference arrested - Alejandro Cao de Benós, the Spanish man from an aristocratic family who became one the Western world's most vocal supporters of North Korea, has been arrested in Spain. The arrest relates to allegations of fraud in the United States, where the ...
11 months ago Therecord.media
FCC reveals Royal Tiger, its first tagged robocall threat actor - The Federal Communications Commission has named its first officially designated robocall threat actor 'Royal Tiger,' a move aiming to help international partners and law enforcement more easily track individuals and entities behind repeat robocall ...
5 months ago Bleepingcomputer.com
The US Needs To Follow Germany's Attack-Detection Mandate - To effectively combat these threats, the US needs to adopt a comprehensive and proactive approach to cybersecurity, similar to the one taken by Germany with its IT-SiG 2.0 mandate. The IT-SiG Approach Compared With the US's Current Capabilities One ...
11 months ago Darkreading.com
ShinyHunters Suspect Extradited to United States - The notorious hacking group, ShinyHunters, has been suspected of being extradited to the United States to face criminal charges. The news comes after a string of high-profile breaches attributed to the hacker collective. ShinyHunters are believed to ...
1 year ago Tripwire.com
Tesla 'Recalls' Two Million Cars Autopilot Risk - Elon Musk's Tesla is to 'recall' nearly every vehicle sold in the United States, after two year NHTSA investigation. Elon Musk's Tesla is having to recall nearly all its vehicles it has sold in the United States, after the US transportation safety ...
10 months ago Silicon.co.uk
China-Sponsored Hackers Lie in Wait to Attack US Infrastructure - In a stark warning this week, the Cybersecurity and Infrastructure Security Agency, FBI, and National Security Agency said that Volt Typhoon has compromised the IT environments of multiple critical infrastructure organizations in such sectors as ...
8 months ago Securityboulevard.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)