Bitfinex Blocks Massive $15 Billion XRP Exploit Attempt, Protecting User Funds
In Brief
A cyber attacker attempted to utilize XRP’s partial payments feature to exploit Bitfinex for $15 billion worth of XRP, but was unsuccessful.
An attacker attempted to utilize XRP’s partial payments feature to exploit the cryptocurrency exchange Bitfinex, but was unsuccessful.
According to Bitfinex Chief Technology Officer Paolo Ardoino, the reported transaction involving nearly $15 billion worth of XRP from an unidentified wallet to Bitfinex never went through and was identified as a part of a failed “partial payments exploit” attempt.
Blockchain tracking account Whale Alert reported observing a transaction of 25.6 billion XRP, which is almost half of XRP’s circulating supply, from an unidentified wallet to Bitfinex. However, Whale Alert subsequently removed the post and stated that there was a problem with accurately interpreting the Ripple node response, leading to a few inaccuracies in the posts.
Bitfinex’s Ardoino later clarified on the platform X (formerly Twitter) that a bad actor tried to target Bitfinex using a “Partial Payments Exploit.” The attacker anticipated that the exchange had misconfigured its software, specifically in processing partial payments. Ardoino, however, pointed out that the attack was unsuccessful because Bitfinex effectively manages the ‘delivered_amount’ data field.
A partial payments exploit operates on the assumption that a company possesses a misconfigured system, solely interpreting the “amount” field of an XRP transaction, usually set at a substantial value. In practice, the exploiter submits a significantly smaller amount as indicated in another transaction field, intending to secure credit for the variance from the company.
Likewise, the hacker attempted a similar attack on Binance by initiating a 58.9 billion XRP transfer, which also proved unsuccessful, as evidenced by blockchain data.
Cryptocurrency Exchanges Witness Continuous Security Breaches
In the crypto landscape, the decentralized nature of blockchain technology not only draws in legitimate users but also opportunistic hackers aiming to exploit its vulnerabilities. The threat of cyber attacks looms large, casting a shadow over the security measures implemented by cryptocurrency exchanges.
Recently, the cryptocurrency trading platform Catalyx detected a security vulnerability concerning the custodial holding of assets for customers. The vulnerability, allegedly stemming from fraudulent activity by employees, prompted the company to suspend withdrawals and all trading activities.
Although the exact amount of losses remains undisclosed, Catalyx has initiated an investigation process to address the incident.
In another attempt to compromise a cryptocurrency exchange, a hacker successfully accessed Binance’s law enforcement request panel–a panel commonly employed by online financial institutions or social media platforms to authenticate law enforcement requests. The hacker then proceeded to steal credentials, offering anyone access to account data for a fee.
The attempted manipulation of XRP’s partial payments feature on Bitfinex reflects the ongoing battle between exchanges and cyber adversaries, casting a shadow over their integrity.
Disclaimer
In line with the Trust Project guidelines, please note that the information provided on this page is not intended to be and should not be interpreted as legal, tax, investment, financial, or any other form of advice. It is important to only invest what you can afford to lose and to seek independent financial advice if you have any doubts. For further information, we suggest referring to the terms and conditions as well as the help and support pages provided by the issuer or advertiser. MetaversePost is committed to accurate, unbiased reporting, but market conditions are subject to change without notice.About The Author
Alisa is a reporter for the Metaverse Post. She focuses on investments, AI, metaverse, and everything related to Web3. Alisa has a degree in Business of Art and expertise in Art & Tech. She has developed her passion for journalism through writing for VCs, notable crypto projects, and scientific writing. You can contact her at alisa@mpost.io
More articlesAlisa is a reporter for the Metaverse Post. She focuses on investments, AI, metaverse, and everything related to Web3. Alisa has a degree in Business of Art and expertise in Art & Tech. She has developed her passion for journalism through writing for VCs, notable crypto projects, and scientific writing. You can contact her at alisa@mpost.io