Bitget App
Trade smarter
Buy cryptoMarketsTradeFuturesCopyBotsEarn

Ripple CTO Sets Record Straight After Failed XRP Hack

DailyCoinDailyCoin2024/01/19 12:49
By:DailyCoin
  • Hackers attempted to steal 25 billion XRP from Bitfinex
  • Ripple CTO shuts down talk that billions of XRP were ever at risk.
  • The exploit relies on unconfigured XRP Ledger integrations.

Cryptocurrency hacks remain an unchecked plague on the industry, with 160 successful attacks in 2023, netting thieves nearly $1.7 billion in stolen funds. However, January 14 saw cybercriminals fail in their attempt to exploit the Bitfinex exchange via the XRP Ledger’s “partial payments” feature. Regarding the attack, Ripple CTO David Schwartz maintained that the XRP Ledger is not inherently flawed or vulnerable.

Ripple CTO Dismisses Talk of XRP Ledger Vulnerability

Schwartz moved swiftly to shut down rumors in a recent tweet that the XRP Ledger is inherently flawed or that billions in XRP were ever at risk. The Ripple CTO stated that the partial payments “feature is a standard and secure financial tool” and that media coverage of “billions of XRP moved” was misleading sensationalism as the amount transferred amounted to just a few cents.

Schwartz praised Bitfinex for handling the incident appropriately by following Ripple’s guidelines for secure configuration and integration of the partial payments function, thus stopping the attempted exploit from ever occurring. With that, Schwartz reminded institutions that “proper configuration and integration cannot be understated.”

Partial payments are a specialized payment type enabling a flexible payment amount. It allows the transaction sender to send a payment that delivers less than the amount sent, which may be used for returning unwanted payments without incurring additional costs. However, this function can be exploited if an institution’s XRP Ledger integration is not properly configured.

How Hackers Can Exploit Partial Payments

Hackers can exploit an institution’s inappropriately configured XRP Ledger integration by sending a large transaction to the institution with a small partial payment of actual funds. This transaction is confirmed, and the vulnerable institution reads the large transaction without cross-checking the amount received. 

Assuming all is well, the institution credits the hacker with the large transaction, even though only a small amount of XRP was received. The hacker can then withdraw the ill-gotten funds to another wallet before noticing the mistake.

While the attacker may have completed a field to send 25 billion XRP to Bitfinex using the partial payment feature, engineer “NIKB” confirmed that the actual partial payment made was $0.001.

On the Flipside

  • The incident did not trigger any significant price fluctuations in the price of XRP.
  • Ripple CEO Brad Garlinghouse will speak at the World Economic Forum’s Davos conference on January 16.

Why This Matters

With hackers relentlessly targeting vulnerabilities, responsibility falls on exchanges and infrastructure to prevent exploitation. Proper configuration and smart contract design will become vital to blockchain security as the industry expands.

Read about Charles Gasparino’s mocking of the attempted XRP exploit here:
FOX Journalist Lambasts XRP Army After 25B XRP Incident

Find out about the growing calls to bring the USDC stablecoin to Cardano here:
USDC on Cardano: Weighing Up Growth vs. Decentralization

0

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Stake to earn
CEC, QTLX, GDV and other popular new coins are in hot progress!
Stake now!

You may also like

Former US President Donald Trump Made a Payment Using Bitcoin

The 45th President of the United States, Donald Trump, paid the bill using Bitcoin (BTC) at a venue he visited today. Here are the details.

Bitcoinsistemi2024/09/19 00:15

Cencora Pays Record $75M Ransom in Major Cyberattack

In its July quarterly report, Cencora reported $31.4 million in expenses mainly due to the cybersecurity breach.

Cryptotimes2024/09/18 23:33