header-langage
简体中文
繁體中文
English
Tiếng Việt
한국어
日本語
ภาษาไทย
Türkçe
Scan to Download the APP

Hexens Discloses Major Vulnerability, Theoretical Risk Exposure Could Reach $700 Billion

BlockBeats News, July 5th - Blockchain security company Hexens disclosed that in February of this year, they discovered a critical vulnerability in the Aptos Move virtual machine, theoretically putting approximately $700 billion of crypto assets at risk. However, the Aptos team completed the mainnet fix within hours of the vulnerability disclosure, with no reported user funds lost.


Hexens stated that the vulnerability stemmed from a "stale-cache" issue in the Move virtual machine, which could lead to type confusion. Attackers could potentially exploit this to gain critical permissions such as stablecoin minting, cross-chain bridges, and DeFi protocol interactions. In simulated tests, the research team was able to achieve around a 90% success rate in attacks using only a $3,000 server setup, without requiring validator or internal access permissions.


In response, Aptos indicated that they swiftly remedied the issue upon receiving the vulnerability report through their bug bounty program. They believe the exploitability of the vulnerability in a real-world network is minimal and would not have an actual impact on users or their funds.


Hexens believes that if the vulnerability had been maliciously exploited, the risk would not be limited to the Aptos ecosystem but could extend to cross-chain bridges, stablecoins, and centralized exchanges. An independent security firm, Grego AI, estimated that around $250 million of TVL on the Aptos chain would be directly affected, with a theoretical overall risk exposure of up to approximately $700 billion.

举报 Correction/Report
Correction/Report
Submit
Add Library
Visible to myself only
Public
Save
Choose Library
Add Library
Cancel
Finish