- APT0%
- MAJOR0%
BlockBeats News, July 5th - Blockchain security company Hexens disclosed that in February of this year, they discovered a critical vulnerability in the Aptos Move virtual machine, theoretically putting approximately $700 billion of crypto assets at risk. However, the Aptos team completed the mainnet fix within hours of the vulnerability disclosure, with no reported user funds lost.
Hexens stated that the vulnerability stemmed from a "stale-cache" issue in the Move virtual machine, which could lead to type confusion. Attackers could potentially exploit this to gain critical permissions such as stablecoin minting, cross-chain bridges, and DeFi protocol interactions. In simulated tests, the research team was able to achieve around a 90% success rate in attacks using only a $3,000 server setup, without requiring validator or internal access permissions.
In response, Aptos indicated that they swiftly remedied the issue upon receiving the vulnerability report through their bug bounty program. They believe the exploitability of the vulnerability in a real-world network is minimal and would not have an actual impact on users or their funds.
Hexens believes that if the vulnerability had been maliciously exploited, the risk would not be limited to the Aptos ecosystem but could extend to cross-chain bridges, stablecoins, and centralized exchanges. An independent security firm, Grego AI, estimated that around $250 million of TVL on the Aptos chain would be directly affected, with a theoretical overall risk exposure of up to approximately $700 billion.
免責聲明:當前內容均來自第三方觀點或由AI直接翻譯第三方觀點,CoinEx不保證內容的真實性、準確性和原創性,不構成CoinEx相關的任何投資建議。數字資產價格波動劇烈,請注意潛在風險。
- 幣種價格24H漲跌