UPDATED 21:35 EST / JANUARY 15 2019

BLOCKCHAIN

Ethereum price plunges after security vulnerability found in planned update

The price of Ethereum plunged today as the developers of the cryptocurrency were forced to delay an update following the discovery of a new security vulnerability.

The Ethereum Improvement Proposal 1283, code-named “Constantinople,” was scheduled to go live Wednesday, but that has now been delayed to a date unknown after a security company detailed a vulnerability that may have allowed hackers to steal funds.

Described on Medium by Chainsecurity AG, the bug related to a feature in Constantinople that was meant to allow for cheaper processing costs – “Gas” in Ethereum terms.

The vulnerability was found to allow for a so-called reentrancy attack, an attack that would allow a hacker to take over the control flow of Ethereum smart contract transactions and make changes to the data. The name reentrancy comes from the ability to repeatedly rerun the same transaction allowing for an attack to constantly withdraw funds until the wallet of the victim is run dry.

“An attacker could essentially be ‘withdrawing funds forever,’” Joanes Espanol, chief technology officer of blockchain analytics firm Amberdata, told CoinDesk. “Imagine that my contract has a function which makes a call to another contract … If I’m a hacker and I’m able to trigger function a while the previous function was still executing, I might be able to withdraw funds.”

The late timing of the withdrawal has caused chaos in the Ethereum community given that the code for the update was already in the process of being implemented by exchanges and Ethereum miners.

Cryptocurrency exchanges, miners and other node operators are being advised that they must either upgrade to emergency versions of their Ethereum software clients or downgrade to the previous pre-update release. Failing to change the Ethereum code will cause those running the pre-update release to be disconnected from the main Ethereum network, according to CCN.

Already having a horrible 12 months that has seen its price drop by as much as 90 percent, Ethereum spooked investors further. ETH dropped about 6 percent, to $120.01, as of 9:30 p.m. EST.

Image: Pixabay

Since you’re here …

… We’d like to tell you about our mission and how you can help us fulfill it. SiliconANGLE Media Inc.’s business model is based on the intrinsic value of the content, not advertising. Unlike many online publications, we don’t have a paywall or run banner advertising, because we want to keep our journalism open, without influence or the need to chase traffic.The journalism, reporting and commentary on SiliconANGLE — along with live, unscripted video from our Silicon Valley studio and globe-trotting video teams at theCUBE — take a lot of hard work, time and money. Keeping the quality high requires the support of sponsors who are aligned with our vision of ad-free journalism content.

If you like the reporting, video interviews and other ad-free content here, please take a moment to check out a sample of the video content supported by our sponsors, tweet your support, and keep coming back to SiliconANGLE.

Cookies

We employ the use of cookies. Find out more.