Cryptocurrencies are unique in that they operate on a decentralized system that is not managed by central banks like traditional currencies. While this is a defining characteristic, it creates problems when security vulnerabilities are detected in the virtual currency systems. It is often unclear who runs the system, whether the system is affected by a specific vulnerability, or if a bug has been fixed.
Altcoins Are Slow to Address Security Vulnerabilities
Researchers from the Cluster of Excellence CASA—Cybersecurity in the Age of Large-Scale Adversaries at Ruhr University Bochum, Germany, led by Professor Ghassan Karame, have conducted a study on how long it takes for various cryptocurrencies to address security vulnerabilities. The study examines 44 of the most severe network security vulnerabilities documented in recent years.
Bitcoin, the best-known cryptocurrency, has an openly available source code that anyone can copy and launch their own cryptocurrency. Altcoins, which are various Bitcoin variations, are affected by security vulnerabilities found in the Bitcoin code. Karame and his team analyzed how different cryptocurrencies responded to these security vulnerabilities.
Using a tool specifically developed for this purpose, the researchers approximated the time it took for cryptocurrencies to close the security gaps. The results showed that Bitcoin fixed the vulnerability in just seven days, while Litecoin took 114 days, Dogecoin took 185 days, and Digibyte took almost three years.
The analyses of other security gaps revealed a similar pattern. Many altcoins took three-digit or even four-digit range to fix the flaws. Karame warns that during this time, it is possible to crash the entire system of the respective cryptocurrency with as few as tens of laptops.
In conclusion, the study highlights the slow response of altcoins to address security vulnerabilities. The decentralized system of virtual currencies poses security risks that need to be addressed promptly and efficiently to prevent potential threats.