Post

白帽黑客发现Injective中危及5亿美元资产的漏洞,仅获5万美元奖励且尚未支付

PANews
PANews

PANews 3月16日消息,白帽黑客f4lc0n在X平台发文披露,他在Injective协议中发现了一个可导致链上超过5亿美元资产被直接提取的“严重”级别漏洞,但项目方仅向其开出5万美元奖金,远低于其计划中该级别50万美元的最高上限。

f4lc0n表示,该漏洞允许任何用户在无需特殊权限的情况下清空链上任意账户。他在通过Immunefi提交报告后,Injective团队次日即发起主网升级投票修复该漏洞,但在随后的三个月内处于“失联”状态。目前f4lc0n已对奖金数额提出争议,并称5万美元奖金也尚未支付。他宣布将拿出未来漏洞赏金收入的10%用于持续公开此事,直至Injective按标准支付报酬。

INJ-1.77%
10:19 · 16/03/26·39.74K views·
Visit source
0
1

Disclaimer: OKX Orbit content is provided for informational purposes only. Learn more

Replies

No comments yet. Be the first to reply!

Related Flash News

Source avatarOdaily2d ago

Binance will adjust the multi-currency collateral ratio and U-M contract leverage

Source avatarBlockbeats30d ago

Binance will adjust the collateral ratio of some assets in the unified account, and users' current positions will be affected

Source avatarTechFlow30d ago

Binance adjusts the unified account collateral ratio and multiple USDT-M perpetual contract margin ladders

Source avatarChainCatcher35d ago

Bitnomial has launched Injective futures in the United States, which is expected to support the eligibility of spot ETF applications

Source avatarBlockbeats47d ago

Agora announced that it will stop issuing the stablecoin AUSD on Injective, and the redemption window will last until September 28

Source avatarPANews64d ago

Injective will support native USDC and integrate the Circle cross-chain transfer protocol

Source avatarChainCatcher84d ago

OKX has opened some USD(S) spot trading pairs

Source avatarPANews103d ago

OSL Global has launched four USD trading pairs, including XPL

Source avatarChainCatcher121d ago

The Injective governance proposal received 99.89% of the votes and will initiate a deflationary mechanism to significantly reduce the token supply

Source avatarWu Blockchain121d ago

The Injective community passed the governance proposal IIP-617 with 99.89% staking vote support