(1/15) Cryptocurrency exchanges Bitfinex and Binance have successfully thwarted an attack attempt that sought to exploit a partial payment feature of Ripple (XRP). The attack attempt involved up to billions of dollars worth of XRP.
Table of Contents
Toggle
Massive Transfer Used as a Diversion: Attackers Attempt to Exploit Partial Payment Vulnerability
Whale Alert Mistaken Alert
Functioning Principle of Partial Payment Vulnerability
Bitfinex and Binance Successfully Defend Against Attack
According to Bitfinex CTO Paolo Ardoino, an attacker attempted to exploit the partial payment feature of XRP to attack their cryptocurrency exchange, but ultimately failed. Initially, blockchain tracking account Whale Alert discovered a transfer of nearly $15 billion worth of XRP from an unknown wallet to Bitfinex. However, this transaction never actually occurred and was instead an attempt by the attacker to exploit the “partial payments exploit.”
After realizing the issue, Whale Alert deleted its previous tweet and stated that incorrect readings of Ripple nodes led to some incorrect publications.
Advertisement – Continue reading below
The principle of the partial payment vulnerability assumes that a company’s system is misconfigured to only read the “amount” field in XRP transactions, which is set to a high value. In reality, the amount sent by the attacker is much smaller than the amount specified in another transaction field, with the aim of obtaining the difference in credit from the company.
Fortunately, Ardoino pointed out that the attack failed because “Bitfinex correctly handled the ‘delivered_amount’ data field.” According to blockchain data, the attacker also attempted a similar attack on Binance, trying to transfer 58.9 billion XRP, but also failed.
This incident once again highlights the importance for cryptocurrency exchanges to remain vigilant and continuously strengthen their security defenses in the face of increasingly sophisticated cyber attacks.
Bitfinex
Paolo Ardoino
XRP
Further Reading
In Georgia’s capital, Tbilisi, TOYOTA cars can be purchased with USDT
Interview with Tether CEO: It’s sad to see Binance’s misfortune, Tether is trying to conduct a comprehensive audit.