- APT0%
- MAJOR0%
BlockBeats News, July 5th - Blockchain security company Hexens disclosed that in February of this year, they discovered a critical vulnerability in the Aptos Move virtual machine, theoretically putting approximately $700 billion of crypto assets at risk. However, the Aptos team completed the mainnet fix within hours of the vulnerability disclosure, with no reported user funds lost.
Hexens stated that the vulnerability stemmed from a "stale-cache" issue in the Move virtual machine, which could lead to type confusion. Attackers could potentially exploit this to gain critical permissions such as stablecoin minting, cross-chain bridges, and DeFi protocol interactions. In simulated tests, the research team was able to achieve around a 90% success rate in attacks using only a $3,000 server setup, without requiring validator or internal access permissions.
In response, Aptos indicated that they swiftly remedied the issue upon receiving the vulnerability report through their bug bounty program. They believe the exploitability of the vulnerability in a real-world network is minimal and would not have an actual impact on users or their funds.
Hexens believes that if the vulnerability had been maliciously exploited, the risk would not be limited to the Aptos ecosystem but could extend to cross-chain bridges, stablecoins, and centralized exchanges. An independent security firm, Grego AI, estimated that around $250 million of TVL on the Aptos chain would be directly affected, with a theoretical overall risk exposure of up to approximately $700 billion.
Disclaimer: The current content is sourced from third-party perspectives or directly translated by AI from third-party perspectives. CoinEx does not guarantee the authenticity, accuracy, and originality of the content, and it does not constitute any investment advice from CoinEx. The prices of cryptocurrencies are highly volatile, please be aware of the potential risks.
- CoinsPrice24H Change