Nodes of blockchain can be infected by malware like any other IT system. This has been proven
through POC software demonstrated by Interpol at Black Hat Asia in March 2015. This POC
software was morphed into malware that circumvented the blockchain node and introduce data
unrelated to transactions into the blockchain. Researchers have also demonstrated that
botnets have the ability to send messages utilizing the nodes in the network. Fujacks
Trojan, a botnet backdoor, has successfully proven that it can remotely control infected
computers that are nodes in a blockchain, collect information, and install other malware or
tools into the nodes of a blockchain.
Securing keys. Banks have concerns about transactions’ confidentiality, securing private keys
and the strength of cryptographic algorithms used in blockchain-based transactions.
A blockchain-based smart contract is visible to all users of that blockchain. However, this
leads to a situation where bugs, including security holes, are visible to all yet may not be
quickly fixed. Issues in Ethereum smart contracts, in particular, include ambiguities and
easy-but-insecure constructs in its contract language Solidity, compiler bugs, Ethereum
Virtual Machine bugs, attacks on the blockchain network, the immutability of bugs and that
there is no central source documenting known vulnerabilities, attacks and problematic
constructs.