Billions in XRP Moved: The Unsuccessful Bitfinex Exploit Attempt

Jonathan Stoker Jan 15, 2024, 08:20am 120 views

Billions in XRP Moved: The Unsuccessful Bitfinex Exploit Attempt

Attempted Exploit on Bitfinex Cryptocurrency Exchange Through XRP Ledger Network

An attempt to exploit BitfinexBitfinex, a well-known cryptocurrency exchange, was made using a feature of the XRPXRP$0.620 -1.68% Ledger network. The CEO of Bitfinex, Paolo Ardoino, confirmed this on Monday. The attempt involved the movement of nearly half of XRP's $31 billion market capitalization, with almost $15 billion worth of XRP flagged in a transaction by on-chain service WhaleAlerts.

Superficial Transaction and Actual Transfer

However, the actual transaction was for a meager amount of XRP, with the transfer attempt failing due to insufficient liquidity on the sender's part. The plot seemed to be to fool Bitfinex into accepting the transaction as genuine, potentially paving the way for a hack. Despite this, Bitfinex's systems marked the transactions as partial payment.

Partial Payments Feature

Partial payments is a feature of the XRP Ledger that allows a payment to be completed by reducing the amount received. Paolo Ardoino confirmed that someone attempted to exploit Bitfinex through the Partial Payments Exploit, but the attack was unsuccessful because Bitfinex correctly handled the 'delivered_amount' data field.

Partial payments can be used to make refunds without incurring additional costs. However, this feature poses a known security risk, according to XRP Ledger transaction documents. If a financial institution's integration with the XRP Ledger presumes the Amount field of a Payment represents the full amount delivered, ill-intentioned actors might take advantage of this assumption to steal funds from the institution. Typically, the malicious actor withdraws as much of the balance as they can to another system before the vulnerable institution notices the discrepancy.

Security Concerns in the Cryptocurrency Market

Security threats continue to plague the broader cryptocurrency market. In 2023, users lost nearly $2 billion to scams, rug pulls, and hacks. It is therefore crucial for users and institutions alike to be vigilant, and for exchanges to ensure that their systems are robust against such potential exploits.

Edited by Jonathan Stoker

How do you like the article?

Join the discussion on

You may also like

Advertisement

Articles in same category

Advertisement

Coins in same category

Advertisement

Join our community

Help moderate our articles, rate content and show your support!

We want you to be part of the first automated crypto-magazine.

Join us today