Cosmos Ecosystem Exploited By Critical Security Vulnerability

• Ethan Buchman announces Cosmos threatened by critical security vulnerability.
• This discovery was made while Cosmos developers inspected the IB code after the BNB Chain attack.
• Measures are being taken to patch the IBC blockchains.

During an IBC inspection after the BNB Chain attack on October 8, Cosmos developers found that the ecosystem was at risk of being exploited by a critical security vulnerability that endangered all IBC-enabled blockchains.

Co-founder Ethan Buchman posted an announcement on the Cosmos Hub governance forum today, sharing that the ecosystem’s lead developers have found the attack vector that threatens every Inter-Blockchain Communication protocol or IBC-enabled Cosmos chain.

There are 42 IBC-enabled blockchains that allow users to jump from one Cosmos blockchain to another effortlessly. These include Cosmos Hub, Osmosis, Cronos, and Evmos among others. Moreover, the official Cosmos website reads the total market cap of all IBC-enabled chains to be $8.18 billion.

Major blockchains like OKX Chain, Luna Classic, and Thorchain also once integrated IBC blockchains, however, they were deactivated over time for several reasons. The BNB Chain followed in the same footsteps.

The recent hack on the BNB Chain cost the project a $566 million loss, which inspired the Cosmos developers to analyze if the same vulnerability exploits other IBC blockchains.

Nevertheless, according to co-founder Buchman, measures have already been taken and patches are already being sent out to major IBC blockchains. Moreover, the patch was initially released privately to allow developers and validators to update the blockchains before announcements were made.

He further adds that over a third of a blockchain’s voting power should opt for a patch to be on the safer side. On October 14 at 14:00 UTC, the Cosmos SDK plans to launch a public version of the patch, advising all Cosmos validators to incorporate it regardless of the private patch integration.