Editor's Pick

Security Firm dWallet Labs Uncovers Vulnerability with $1 Billion of Crypto At Risk

Source: Pixabay

Blockchain security firm dWallet Labs recently unveiled a vulnerability that it asserts has the potential to impact approximately $1 billion worth of crypto.

The security firm published a Medium blog post on Tuesday saying that it had discovered a potential vulnerability in validators hosted by infrastructure provider InfStones.

The post explored attacks on blockchain networks and collecting private keys with Web2 attacks, with dWallet Labs saying owners of cryptocurrencies such as Ether, BNB, SUI, and others could be affected.

“A chain of vulnerabilities we discovered and exploited during our research allowed us to gain full control, run code and extract private keys of hundreds of validators on multiple major networks, potentially leading to direct losses equivalent to over one billion dollars in cryptocurrencies such as ETH, BNB, SUI, APT and many others,” dWallet Labs said.

According to dWallet Labs, a hacker exploiting this vulnerability has the capability to obtain the private keys of validators across various blockchain networks.

“Over one billion dollars of staked assets were staked on all of these validators, and such an attacker would have been able to gain full control of all of them,” it added.

In a statement released on their company blog on November 17, InfStones acknowledged the potential threat highlighted by dWallet Labs, but contested the figures quoted by the blockchain security firm. InfStones said that the vulnerabilities only impacted a fraction of their active nodes, while also clarifying that the vulnerabilities had been resolved.

In its statement, the infrastructure provider said it had identified potential threats in 237 instances. Among these, 212 were nodes designated for testing purposes, while 25 instances affected newly launched nodes.

The company also detailed the immediate actions taken to address the vulnerabilities, including taking down the affected port and similar ones, as well as rotating all credentials and keys within the platform.

Additionally, InfStones conducted an internal review, revealing no additional threats. An external security firm was also hired to audit its systems and company policies.

Darko Radunovic, a representative from InfStones, told Cointelegraph that the potential vulnerability identified by dWallet Labs would only have a limited impact, affecting only a small fraction of the live nodes that InfStones has already launched.

“The instances identified in production constitute a fraction below 0.1% of the live nodes we have launched to date,” Radunovic said in a statement.

 

The post Security Firm dWallet Labs Uncovers Vulnerability with $1 Billion of Crypto At Risk appeared first on Cryptonews.

You May Also Like

Editor's Pick

Source: Ark Invest / Instagram ARK Investment Management, led by prominent investor Cathie Wood, has reduced its holdings in the Grayscale Bitcoin Trust (GBTC)...

Latest News

A super PAC that has overseen much of Ron DeSantis’s presidential operation has fired its CEO less than two weeks after the previous chief...

Latest News

WINDHAM, N.H. — It’s pouring rain Saturday morning as New Hampshire Gov. Chris Sununu (R) arrives at Mary Ann’s diner in Windham, fielding calls...

Stock

Popeyes is expanding its menu beyond chicken sandwiches — and it’s a permanent change this time. The fast-food chain announced Wednesday it’s adding five...

Disclaimer: Incomeinnovatorhub.com, its managers, its employees, and assigns (collectively “The Company”) do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.

Copyright © 2024 incomeinnovatorhub.com