White hacker discovered a vulnerability in the Coinbase project called Advanced Trading

According to the hacker, the exploit was “potentially market-nuking”

14.02.2022 - 13:00

719

2 min

According to the hacker, the exploit was “potentially market-nuking.”

What’s new? On February 12, the Coinbase cryptocurrency exchange temporarily halted trading on its Advanced Trading platform for retail clients. This decision was taken after a white hat hacker nicknamed Tree of Alpha reported an exploit he had discovered on Advanced Trading. According to him, it was “potentially market-nuking.” The incident is reported by Coinbase in a post on Twitter.

For technical reasons, we are disabling retail advanced trading. This service will continue to be accessible, but new orders cannot be placed at this time. Existing orders are in cancel only mode.— Coinbase Support (@CoinbaseSupport) February 11, 2022

How did events develop? On February 11, a white hacker identified a vulnerability in the Advanced Trading operation and attempted to contact the developers of Coinbase. Not getting a quick response, Tree of Alpha sent a report to the HackerOne vulnerability bounty program platform.

Anyone here can get me a direct line with someone at @coinbase , preferably management or dev team, possibly @brian_armstrong himself?I'm submitting a hacker1 report but I'm afraid this can't wait. Can't say more either, this is potentially market-nuking.DMs open.— Tree of Alpha (@Tree_of_Alpha) February 11, 2022

“This is a delicate issue, it could allow malicious users to send all Coinbase order books to arbitrary prices,” the hacker stated.

Already an hour later, Coinbase experts contacted the hacker and soon announced Advanced Trading was suspended. By the evening of February 12, the service’s operation was resumed and Coinbase noted that customer funds were not affected. The crypto exchange is currently investigating the incident. Its head Brian Armstrong publicly expressed his appreciation to Tree of Alpha.

Author: