Ethereum developer Peter Siladi mentioned a vulnerability where an attacker could disable the Avalanche network.

The programmer discovered the bug on March 29. It was also immediately fixed with the patch suggested by Siladya.

On September 8, the developer released a detailed report courtesy of Ava Labs engineer Patrick O’Grady.

The vulnerability was “a remote node crashed due to a malicious PeerList packet”.

The attacker can choose two attack options. In one case, register as an authenticator for 2000 AVAX (~$40,000) and send infected PeerList packets used for networking.

“This is pretty much instant death for the network, as the nodes connect to all the validators,” Siladyi said.

He described the cost of the attack as “acceptable”. According to him, a bet on the fall of the coin will bring a “pleasant profit” to the attacker. In the long run, the value of the funds invested will not suffer as the blockchain will “recover in a few hours,” Siladi said.

The second option for the attacker was to register a “non-verifier” node for free to send malicious packets. However, in this case, the programmer stated that it would require more time to stop the network.

“Avalanche is very comfortable with its network connections, and even one of them is enough to shut down the node,” the developer said.

Recall that in March, Ava Labs President John Woo refused to name Avalanche as a competitor to Ethereum.