Serious vulnerability disclosed in Aptos blockchain; $70 billion in assets once faced systemic risk


Deep Tide TechFlow News, July 5: According to CoinDesk, researchers at blockchain security company Hexens found an “expired cache” type confusion vulnerability in the Aptos blockchain’s Move Virtual Machine. In a simulated environment, an attacker needed only approximately $3,000 in server costs to launch the attack, with a success rate of nearly 90% and without requiring validator privileges or any internal knowledge. In their simulated tests, the researchers carried out about 20 attacks, succeeding 17–18 times, and verified potential control over management permissions for cross-chain protocols such as LayerZero, Wormhole, and USDC CCTP.

Hexens assessed that this vulnerability directly threatened protocols on the Aptos chain, including on-chain DeFi, stablecoins, and liquid staking, involving assets in the low single-digit billions of dollars. If the impact had spread through paths such as cross-chain bridges, stablecoin minting, and centralized exchanges, the maximum systemic risk exposure could have reached $70 billion. The Aptos team received the vulnerability report on February 25, completed the fix within a few hours, and deployed it to Aptos mainnet; as of now, no user funds have been compromised.
