A bug on Ethereum’s Geth software client has caused a fork in the blockchain, essentially splitting the network in two simultaneous chains. The bug was said to have been exploited in Geth client’s v1.10.8 release.

According to Ethereum core developer Marius Van Der Wijden, an unidentified threat actor exploited the bug, which caused all Geth nodes with earlier versions to get split from the mainnet.

Go Ethereum, the official Golang (a software programming language) implementation of Ethereum, later issued an advisory for all nodes using its client to immediately update their software’s version.

The exploit causing the unintentional fork has raised concerns regarding a potential double-spend attack. Double-spend attacks on a blockchain network happen when a specific cryptocurrency is spent twice, thereby turning the cryptocurrency into a counterfeit and draining its value through inflation and a massive price reduction.

The Geth v1.10.8 update named as “Hades Gamma” would have fixed the bug and erased its trace going forward with a hotfix, but the threat actor was able to access it and launch the bug, infecting nodes working with prior versions. The bug was previously disclosed on August 18 by Ethereum developers.

The Geth client services some 3,947 nodes out of the existing 5,289 live Ethereum nodes. According to on-chain data, some 73% or 2,858 nodes running Geth have not updated to the latest, fixed version. Despite the serious implications of such a bug, it appears that the Ethereum ecosystem remains unaffected.

Leave a Reply

You may also like