Aptos Blockchain Discloses Critical Vulnerability That Could Have Exposed $700 Billion in Assets

icon MarsBit
Share
AI summary iconSummary

Huo Xing Cai Jing reports, according to Coindesk, that white-hat hackers from the security firm Hexens discovered a vulnerability in the Aptos blockchain, which has since been patched. If exploited maliciously, this vulnerability could have exposed up to $70 billion in digital assets to systemic risk, including stablecoins and cross-chain bridges. In late February, Hexens researchers reported a critical flaw in the Move virtual machine—the execution environment for on-chain smart contracts—to the Aptos development team. They identified it as a “stale cache vulnerability” leading to a type confusion bug, wherein software could be tricked into misidentifying one on-chain resource as another. The researchers simulated the attack in a live network environment with a success rate exceeding 90%. Using a set of well-configured servers costing only $3,000, they simulated approximately one-third of the validator network, and the attack required no insider access or special privileges. The Aptos team immediately patched the vulnerability after it was disclosed, resulting in no loss of funds.

Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.