Home Cryptocurrencies NewsSecurity firm dWallet Labs flags validator vulnerability that could affect $1B in crypto
    Cryptocurrencies News
    0

    Security firm dWallet Labs flags validator vulnerability that could affect $1B in crypto

    2023.11.21 | exchangesranking | 168onlookers
    8081b7b6>

    Blockchain security firm dWallet Labs recently disclosed a vulnerability that it claims could affect up to $1 billion worth of crypto, with assets such as Ether (ETH), Aptos (APT), BNB (BNB) and Sui (SUI) at risk.

    In a paper sent to Cointelegraph, dWallet Labs reported a potential vulnerability in validators hosted by an infrastructure provider called InfStones. According to dWallet Labs, it started a research paper covering attacks on blockchain networks and collecting private keys with Web2 attacks. During this research, dWallet Labs said it discovered vulnerabilities in InfStones validators. It wrote:

    “A chain of vulnerabilities we discovered and exploited during our research allowed us to gain full control, run code and extract private keys of hundreds of validators on multiple major networks, potentially leading to direct losses equivalent to over one billion dollars in cryptocurrencies such as ETH, BNB, SUI, APT and many others.” 

    According to dWallet Labs, an attacker who exploits the vulnerability can acquire the private keys of validators across different blockchain networks. “Over one billion dollars of staked assets were staked on all of these validators, and such an attacker would have been able to gain full control of all of them,” it added. 

    Related: Exploits, hacks and scams stole almost $1B in 2023: Report

    On Nov. 21, InfStones responded to Cointelegraph’s request for comment, denying that the bug could affect $1 billion in assets. Darko Radunovic, a representative from InfStones, told Cointelegraph that the potential vulnerability could only affect a small fraction of the live nodes it already launched.

    According to Radunovic, the potential vulnerability was discovered in 237 instances, including 212 cases designated for testing and 25 instances as freshly launched nodes in the production environment. “The instances identified in production constitute a fraction below 0.1% of the live nodes we have launched to date,” Radunovic said in a statement. The company also published a blog post saying the vulnerability was resolved.

    Radunovic also highlighted that in response to the vulnerability, it has done internal reviews and had an accredited security firm audit its systems and company policies. The company also launched a bug bounty program to encourage any third party to work with it directly on any bugs they may find. 

    Magazine: $3.4B of Bitcoin in a popcorn tin: The Silk Road hacker’s story

    The content on this website comes from the Internet. Due to the inconvenience of proofreading the authenticity and accuracy of the copyright or content of some content, it may be temporarily impossible to confirm the authenticity and accuracy of the copyright or content. For copyright issues or other ssues caused by this, please Call or email this site. It will be deleted or changed immediately after verification.
    Related Reading
    < Previous Next >
    exchangesranking

    exchangesranking

    5118number of articles 0number of comments
    Author's other articles
    browse more
    Popular Articles
    Random Article
    Previous
    Tags
    Copyright www.exchangesranking.org Some Rights Reserved.
    Powered By EXCHANGESRANKING.ORG   Theme By 52FB