Introduction
Cyber security firm Dwallet Labs reported on Nov. 21 that it discovered vulnerabilities in several Infstones validators that compromised over $1B of staked assets. Infstones has confirmed the existence of these vulnerabilities but disagrees with the potential impact’s severity.
Traditional Web2 Threats
Dwallet Labs found a potential vulnerable entry point on an Infstones validator, highlighting significant risks from traditional Web2 threats. The firm replicated the attack, taking full control and extracting keys to uncover more vulnerabilities, affecting over 1,000 Infstones servers.
Vulnerabilities a Threat to Staked Assets
The research focused on attacking blockchain networks using classic techniques, treating validators as cloud servers. Dwallet Labs CEO, Omer Sadika, explained that over $1B of staked assets were compromised due to this vulnerability.
Infstones Says Appropriate Steps Already Taken
Infstones acknowledges the vulnerability but disputes its severity. They believe it affects less than 0.1% of their live nodes and claim to have resolved some issues raised by Dwallet Labs. Despite this, Sadika stressed the importance of handling cybersecurity vulnerabilities and maintaining trust.
Hot Take
Sadika expressed the critical importance of handling cybersecurity vulnerabilities transparently to maintain trust with partners and customers, highlighting the need for responsibility and truthfulness in such situations.
By
By
By
By
By
By