Security firm dWallet Labs uncovers vulnerability that could put $1 billion in crypto at risk

Security firm dWallet Labs uncovers vulnerability that could put $1 billion in crypto at risk
courtesy of

dWallet Labs, a blockchain security firm, has recently disclosed a potential vulnerability that could impact up to $1 billion worth of cryptocurrency. The vulnerability, which affects validators hosted by infrastructure provider InfStones, could potentially expose assets such as Ether (ETH), Aptos (APT), BNB (BNB), and Sui (SUI) to risk.

What dWallet Labs discovered

dWallet Labs conducted research on attacking blockchain networks and collecting private keys with Web2 attacks. During this research, they uncovered vulnerabilities in InfStones validators. According to dWallet Labs, these vulnerabilities allowed them to gain full control, run code, and extract private keys of hundreds of validators on multiple major networks. The potential losses from this vulnerability could exceed $1 billion.

The impact of the vulnerability

If exploited, this vulnerability could enable an attacker to acquire the private keys of validators across different blockchain networks. As a result, over $1 billion of staked assets could be at risk. dWallet Labs emphasized that this vulnerability could potentially lead to direct losses in cryptocurrencies such as ETH, BNB, SUI, APT, and others.

InfStones responds

InfStones, the infrastructure provider hosting the vulnerable validators, responded to the disclosure. They denied that the bug could impact $1 billion in assets, stating that the vulnerability only affects a small fraction of the live nodes they have launched. According to Darko Radunovic, a representative from InfStones, the vulnerability was discovered in 237 instances, constituting less than 0.1% of their live nodes. The company claims to have resolved the vulnerability and has conducted internal reviews and security audits.

Additionally, InfStones has launched a bug bounty program to encourage third parties to work with them directly on identifying any other potential vulnerabilities.

In light of this disclosure, it is crucial for crypto holders to remain vigilant and ensure their assets are stored securely.

Did you miss our previous article...