Updated January 15th, 2024 at 12:47 IST
Bitfinex faces partial payment exploit attempt worth $15 billion in XRP
The transaction initially garnered attention through the blockchain tracking account Whale Alert, which reported a transfer of 25.6 billion XRP.
- 2 min read
Partial payment exploit: A transaction involving nearly $15 billion worth of XRP, with a recorded ticker of $0.58, from an unidentified wallet to Bitfinex on January 15, was revealed to be part of a failed ‘partial payments exploit.’ Bitfinex's Chief Technology Officer, Paolo Ardoino, clarified that the transfer did not go through and that it was an attempt to exploit the exchange's system.
The transaction initially garnered attention through the blockchain tracking account Whale Alert, which reported a transfer of 25.6 billion XRP, nearly half of the circulating supply, to Bitfinex from an unknown wallet. However, Whale Alert later deleted the post, citing an issue with correctly interpreting the Ripple node response, leading to inaccurate posts.
Ardoino detailed that the attacker tried to exploit Bitfinex through a Partial payments exploit, assuming that the exchange had incorrectly configured its software to process partial payments.
What are Partial payment exploits?
Partial payment exploits involve attackers exploiting perceived vulnerabilities in transaction processing. The exploit assumes that the targeted exchange has incorrectly configured its system to only read the ‘amount’ field of a transaction. In this attack, the exploiter sends a transaction with a high ‘amount’ field but specifies a much smaller amount in another transaction field.
The goal is to receive credit for the difference from the exchange. The attacker anticipates that the exchange's system only considers the ‘amount’ field, creating a discrepancy. Successfully handling this exploit requires exchanges to properly manage additional transaction fields, like the "delivered_amount" data field. Awareness of such vulnerabilities is crucial for maintaining the security and integrity of blockchain exchanges.
Fortunately, the attack failed as Bitfinex appropriately handles the 'delivered_amount’ data field. Additionally, blockchain data indicates that the attacker also attempted a similar attack on Binance with a 58.9 billion XRP transfer, which also ended in failure.
Published January 15th, 2024 at 12:47 IST
Republic Top 5
UP में ज्यादातर उम्मीदवारों को दोबारा मौका19 minutes ago