Ether’s Bug Reportedly Gave Hackers an Avenue to Abuse Exchanges

ethereum proof of stake

According to reports, Ethereum’s bug issue gave hackers the means to abuse digital asset exchanges. The report says a bug relating to the Ether-based GasToken (that made it easier for hackers to attack crypto exchanges) has been fixed. There is a lot we need to understand about this situation.

The bug reportedly made it a lot easier for hackers to force crypto exchanges into paying high fees, although as at the time of writing this publication, it was unclear which exchanges were affected or which platforms lacked the security means to avert the issue from expanding. The hackers could exploit the bug to get profits.

The bug issue was discovered by some astute cryptocurrency researchers, who ultimately issued private messages to “digital exchanges as fast as possible” in a bid to warn them about the problem. The platforms that received the message later implemented the relevant security measures to counter the bug and put an end to the hacker’s threat.

A Wake-Up Call for Exchanges to Implement Stricter Security Measures

Many exchanges, according to the researchers, were not actually implementing the appropriate limits relating to GasToken utilization. They neglected the issue of how many tokens should be sent to multiple random addresses. Thus, once a transaction is completed, the hackers had the ability to force the exchanges affected into paying astronomical amounts of money for ongoing computation before going on to drain the exchanges’ reserves. The hackers could mint new GasTokens (minting involves creating new coins for profit).

Hackers were also given the ability to enforce high charges on users who are engaging in business using random accounts. However, on a positive note, it has to be said that not all crypto exchanges became vulnerable because of the bug. The reason for this is because only exchanges that are implementing Ethereum-based transactions were victimized. The problem made just these ones vulnerable.

Ethereum (ETH) Price Today – ETH / USD

Name Price24H (%)
Ethereum (ETH)
$86.93
-3.03%

Only Very Few Exchanges Could Have Been Affected

The number of exchanges affected was ultimately narrowed down to networks that initiated such transactions. Exchanges that processed them weren’t affected. Hence, it is safe to say a limited number of crypto platforms could have been affected. Decentralized exchanges and platforms that used smart contracts to process their user money transfers could not be attacked by hackers.

The bug was discovered by researchers in late October. After this event, the researchers informed all exchanges they know could have been affected, advising them to facilitate only “reasonable gas limits on every transaction” in a bid to defend against a security threat. As of press time, the exchanges have all implemented the necessary defenses ultimately rendering the problem null and void.

This Case is a Familiar One

It is essential to indicate that this is not the first time that Ethereum has paved the way for malicious activity. We can recall that earlier in the year; research staffers found a vulnerability in Coinbase. This vulnerability allowed users on the platform to reward themselves with unlimited amounts of tokens. Additionally, another familiar case was when a flaw in the wallet system of Monero (XMR) allowed users of the token to potentially steal XMR coins from digital asset exchanges.

 

 

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.