Go Ethereum error warning leads to attack
A critical flaw was detected in the 1.10.7 (and earlier) version of Geth, the Ethereum client also known as Go Ethereum.
The bug warning wasn’t an incentive enough to update
According to CoinGape, the exploit endangered over 50% of Ethereum nodes running the old version of the client that missed the update released on August 24th. As a result, the entire blockchain was forced to undergo an unplanned hard fork that split the network in half. 74% of the nodes used Geth, of which about 73% had an older version installed. Meaning, about 54% of the nodes were in danger.
The vulnerability was spotted on August 18th. Péter Szilágyi, leader of the Geth team, assured that the vector of the attack would be revealed soon.
Although the team didn’t disclose any specific information about the flaw, it still somehow found its way into the attacker’s hands. Despite the many warnings given by the team, only 30% of the users updated their clients to the latest version, making most of the current user base susceptible to the attack.
The nature and the impact of the attack
The developers think that warning the users was a mistake. They say it was the warning that ultimately drove the hacker to take advantage of the exploit.
The Twitter user Good Guy Biker gave a detailed description of the exploit and explained the nature of the attack.
The vulnerability set two Ethereum chains running in parallel. The update was able to fix the issue for one of the chains, leaving the other one unprotected.
The Ethereum team has faced similar issues before. In November 2020, the network failed to announce a potential danger in the network’s workflow, causing great discontent among its validators. This time around, they did warn the users, only to face more issues afterwards.
The big takeaway is that all users should be more heedful of security warnings. After all, it’s in everyone’s best interest.
I believe in the bright future of crypto. I have been investing since 2017 and look to share my experience in, and thoughts on, crypto and the blockchain.