Researchers to launch intentionally ‘vulnerable’ blockchain at Black Hat

Fibo Quantum

Hoping to raise awareness about blockchain vulnerabilities, cybersecurity firm  Kudelski Security next week plans to launch the industry’s first “purposefully vulnerable” blockchain – and will demo it at next month’s Black Hat conference.

Kudelski Security’s FumbleChain project is aimed at highlighting vulnerabilities in blockchain ecosystems, according to Nathan Hamiel, head of cybersecurity research at Kudelski.

The flawed blockchain ledger is written in Python 3.0, making it easy for anyone to read and modify its source code, and it’s modular – allowing users to hack and add new challenges to promote continuous learning.

The Kudelski blockchain will be available as both a code download on GitHub and as a demo on the company’s website, allowing testers to play with its features and learn how it works without having to download code.

“For the most part, blockchains aren’t inherently secure,” Hamiel said. “There’s an entire ecosystem around blockchain, just like there is around traditional applications. Quite often you’ll have vulnerabilities that crop up in places that are rather unexpected. What we wanted to do was create this pre-made blockchain, create this educational framework around it so you can learn more about it and more about blockchain security.”

The concept is similar to other open-source projects, such as creating web applications so developers can test their skills attacking them to expose vulnerabilities.