Blockchain Security Firm Discloses Vulnerability Potentially Affecting $1 Billion in Crypto Assets

According to Cointelegraph, blockchain security firm dWallet Labs recently disclosed a vulnerability that could potentially affect up to $1 billion worth of crypto assets, including Ether (ETH), Aptos (APT), BNB (BNB), and Sui (SUI). The vulnerability was found in validators hosted by infrastructure provider InfStones. dWallet Labs discovered the issue while researching Web2 attacks on blockchain networks and collecting private keys. The firm stated that the vulnerabilities they found allowed them to gain full control, run code, and extract private keys of hundreds of validators on multiple major networks. An attacker exploiting the vulnerability could acquire the private keys of validators across different blockchain networks, potentially leading to significant losses. InfStones, however, denied that the bug could affect $1 billion in assets. Darko Radunovic, a representative from InfStones, told Cointelegraph that the potential vulnerability could only affect a small fraction of the live nodes they've already launched. The vulnerability was discovered in 237 instances, including 212 cases designated for testing and 25 instances as freshly launched nodes in the production environment. InfStones has since resolved the vulnerability and conducted internal reviews, as well as having an accredited security firm audit their systems and company policies. The company also launched a bug bounty program to encourage third parties to work with them directly on any bugs they may find.