Cosmos developers fix vulnerability with $126 million in potential damage
A critical bug was discovered by a third-party company and fixed by a blockchain developer about three weeks ago
24.04.2024 - 15:20
59
3 min
0
What’s new? The developers of the Cosmos blockchain ecosystem have fixed a critical vulnerability in the Inter-Blockchain Communication (IBC) protocol that could have resulted in a loss of at least $126 million. This was announced by blockchain audit firm Asymmetric Research, which discovered the vulnerability as part of the Cosmos HackerOne Bug Bounty white-hat hacker bounty program and privately reported it to the developers.
What else is known? The bug allowed hackers to perform a reentrancy attack and issue an unlimited number of tokens in Cosmos ecosystem blockchains connected to the IBC protocol, such as Osmosis. That said, the presence of limits in Osmosis could have prevented or at least mitigated the potential damage.
The bug has existed since the launch of IBC in 2021, but only became available for exploit after the recent launch of a third-party IBC middleware application for transferring ICS20 standard tokens between blockchains.
The bug in the protocol was fixed by Cosmos developer Carlos Rodríguez about three weeks ago. According to Asymmetric Research, hackers were unable to detect it and perform an exploit using it, so no funds were lost.
In October 2022, another critical security vulnerability was identified in the IBC protocol that could also affect all networks connected to the IBC. It was also patched before the attack occurred.
In February 2023, dWallet Labs auditors discovered a $500 million zero-day vulnerability in the TRON blockchain, which was also patched before the exploit occurred.
Cosmos Hub rejects a proposal to reduce the maximum inflation rate to zero
The indicator remained at 7%
In April this year, real-world asset tokenization platform Ondo Finance partnered with blockchain Noble to announce the issuance of USDY tokenized US Treasury bonds with a yield of ,2% per annum in the Cosmos ecosystem. They are now already available on Ethereum, Solana, Mantle, and Sui.
Also, this month, Grayscale investment company, which manages the GBTC spot bitcoin exchange-traded fund, completely sold Cosmos (ATOM) native tokens from the portfolio of its Grayscale Smart Contract Platform Ex-Ethereum Fund (GSCPxE) fund.
Useful material?
Market
Analysts note that from 2024 to 2030, tokens worth $155 billion will be unlocked
May 17, 2024
Technologies
The new mechanism has already made it possible to calculate over tens of millions of fraudulent addresses
May 16, 2024
Incidents
The amount of damage amounted to $25 million in cryptocurrencies
May 16, 2024
Market
FTX customers will be compensated in cash, unlike Mt. Gox and Gemini customers who will receive cryptocurrencies
May 16, 2024
Technologies
It is available to crypto wallet users worldwide as an additional feature
May 15, 2024
Market
The ex-official known for his initiatives to explore the potential of blockchain in the financial system has joined the board of directors of a fintech company
May 14, 2024