Aptos Blockchain Exposed to Critical Vulnerability, $70 Billion in Assets at Systemic Risk

iconTechFlow
Share
AI summary iconSummary

According to CoinDesk, researchers at blockchain security firm Hexens discovered a "stale cache" type confusion vulnerability in the Move virtual machine of the Aptos blockchain. Attackers could launch an attack with nearly 90% success rate in a simulated environment at a server cost of only about $3,000, without requiring validator privileges or insider knowledge. During simulated tests, the researchers executed approximately 20 attacks, succeeding in 17 to 18 instances, and verified the potential to gain control over management permissions of cross-chain protocols such as LayerZero, Wormhole, and USDC CCTP. Hexens assessed that this vulnerability directly threatens DeFi protocols, stablecoins, and liquid staking applications on Aptos, exposing assets worth several billion dollars. If exploited through cross-chain bridges, stablecoin minting, or centralized exchanges, the systemic risk exposure could reach up to $70 billion. After receiving the vulnerability report on February 25, the Aptos team patched and deployed the fix to mainnet within hours; no user funds have been compromised.

Disclaimer: The information on this page may have been obtained from third parties and does not necessarily reflect the views or opinions of KuCoin. This content is provided for general informational purposes only, without any representation or warranty of any kind, nor shall it be construed as financial or investment advice. KuCoin shall not be liable for any errors or omissions, or for any outcomes resulting from the use of this information. Investments in digital assets can be risky. Please carefully evaluate the risks of a product and your risk tolerance based on your own financial circumstances. For more information, please refer to our Terms of Use and Risk Disclosure.