Zcash updates its cryptocurrency client software to address the denial-of-service bug

14 April 2017

Zcash Zcash cryptocurrency service reported the introduction of the new update after discovering the vulnerability in the software allowing attackers to exploit it for a denial-of-service attack. In the official blog post of the company the spokespersons explained that the flaw provides a window for crackers to stage a remote crash of a zcash node using specially crafted transaction.

The post explains that users relying on zcashd release from 1.0.4 up to 1.0.8 are at risk, while those who update to zcashd 1.0.8-1 are not. The vulnerability was detected on Wednesday, but the team claims that they have already collaborated with the key exchanges, wallet providers and miners over mitigating further risks by way of taking proper actions.

In order to protect themselves users need to update to 1.0.8-1 release, while those using third-party services like exchanges or wallets need to figure out at their providers if they have updated to the latest version with the bug eliminated.

Zcash further explained that the impact is limited to only vulnerable versions, which means that if an attack is arranged, it will affect only users running old clients resulting in total crash of the Zcash software. Meantime, if there are any signs of organized attack, the team will be notifying the users by way of dedicated channels, causing all zcashd nodes to report the potential attack.

Zcash is a decentralized cryptocurrency developed by Zerocoin Electric Coin Company. While zcash transactions are published on a public blockchain, personal information remains private.

Blockchain techs
ACCC reports over $2 million lost in cryptocurrency scams by Australians in 2017
Analytics
How and where to start your cryptocurrency company?
Banking techs
Tel-Aviv Stock Exchange creates a blockchain-based securities lending platform
Show more posts...