Infstones will temporarily withdraw its Ethereum validators from the liquidity staking protocol and implement key rotation in response to a major vulnerability disclosed by dWallet Labs security researchers. The vulnerability was discovered by cybersecurity firm dwallet Labs in July this year and has now been resolved. Lido Finance confirmed that the vulnerability is related to potential root-level access affecting 25 InfStones validator servers. However, Lido clarified that there is no evidence that this issue resulted in any keys being compromised or exploited.
dWallet Labs claimed in its security report that the vulnerability could cause a security breach affecting ETH staked on Lido through the InfStones node. Therefore, the company recommends rotating validator keys for all nodes potentially exposed to the vulnerability.
