Bitfinex prevents $15 billion exploit, reveals XRP Ledger vulnerability

Bitfinex's systems automatically flagged the transaction because they require a "delivered amount" field, blocking the attempted exploit.

Bitfinex recently faced an attempted exploit, where some $15 billion worth of XRP was at risk of being stolen by an attacker who leveraged a vulnerability in the XRP Ledger network.

The incident was initially disclosed by blockchain tracking and research group Whale Alert, which flagged the transaction as unusual because it amounted to nearly half of Ripple’s (XRP) total market capitalization of about $31 billion. Blockchain data indicates that the transfer was worth less than a dollar.

According to Bitfinex CTO Paolo Ardoino, an unidentified threat actor “attempted to attack” the network through a “Partial Payments Exploit” to trigger a large XRP transfer without authorization.

Partial payments allow transfers to succeed by reducing the received amount. XRP Ledger documents warn that this feature can enable attacks if integrations do not validate delivered amounts.

By exploiting the assumptions of vulnerable systems, attackers can secretly withdraw funds up to the trusted balance before detection. Technically, this is akin to “printing” tokens by crediting crypto without any actual transfer.

The motive behind the attempted exploit remains unclear and is still pending a full investigation by the parties involved.

However, Ardoino reiterates that Bitfinex’s systems automatically flagged the transaction because they require a “delivered amount” field, effectively blocking the attempt.

XRP Ledger’s documentation reveals that such an attack vector is already known.

“If a financial institution’s integration with the XRP Ledger assumes that the Amount field of a Payment is always the full amount delivered, malicious actors may be able to exploit that assumption to steal money from the institution,” the documentation details.
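The check the documentation calls for, sketched as an added example (not Bitfinex's or the XRP Ledger project's code): credit deposits from the metadata's `delivered_amount`, never from `Amount`, and alert when a partial payment overstates what arrived. The transaction below is constructed, its addresses are placeholders, and the layout (transaction fields at top level, metadata under `meta`, a `validated` flag) is an assumption about how the integration receives the data.

```python
from decimal import Decimal

TF_PARTIAL_PAYMENT = 0x00020000   # tfPartialPayment flag on a Payment
DROPS_PER_XRP = Decimal(1_000_000)
OUR_ADDRESS = "rEXCHANGE_DEPOSIT_PLACEHOLDER"   # constructed, not a real account

# Constructed sample: Amount claims 5000 XRP, metadata shows 0.1 XRP arrived.
SAMPLE_TX = {
    "TransactionType": "Payment",
    "Account": "rSENDER_PLACEHOLDER",
    "Destination": OUR_ADDRESS,
    "Amount": "5000000000",
    "Flags": 0x80000000 | TF_PARTIAL_PAYMENT,
    "validated": True,
    "meta": {"TransactionResult": "tesSUCCESS", "delivered_amount": "100000"},
}


def delivered_drops(tx):
    """Drops of XRP that actually arrived, or None if that cannot be established."""
    meta = tx.get("meta") or {}
    if not tx.get("validated") or meta.get("TransactionResult") != "tesSUCCESS":
        return None
    delivered = meta.get("delivered_amount")
    # XRP is a string of drops; an object is an issued currency, and
    # "unavailable" or a missing field means the amount is unknown.
    if isinstance(delivered, str) and delivered.isascii() and delivered.isdigit():
        return int(delivered)
    return None


def credited_xrp(tx, our_address=OUR_ADDRESS):
    """XRP to credit to the customer: always taken from delivered_amount."""
    if tx.get("TransactionType") != "Payment" or tx.get("Destination") != our_address:
        return Decimal(0)
    drops = delivered_drops(tx)
    return Decimal(0) if drops is None else Decimal(drops) / DROPS_PER_XRP


def should_alert(tx):
    """Flag partial payments whose Amount field overstates what was delivered."""
    drops = delivered_drops(tx)
    amount = tx.get("Amount")
    partial = bool(tx.get("Flags", 0) & TF_PARTIAL_PAYMENT)
    return partial and isinstance(amount, str) and drops is not None and int(amount) > drops


if __name__ == "__main__":
    print("Amount field says:", Decimal(SAMPLE_TX["Amount"]) / DROPS_PER_XRP, "XRP")
    print("Credit:", credited_xrp(SAMPLE_TX), "XRP; alert:", should_alert(SAMPLE_TX))
```
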

The failed exploit attempt incorporated techniques addressed in protocol documentation but did not log any attempts, such as in this particular incident.

In response, organizations such as Bitfinex and other crypto exchanges may need to implement new routines to counter these risks. It is also advisable for infrastructure providers to routinely audit access credentials and enhance validation requirements for privileged information.

Ongoing security threats continue to plague the crypto ecosystem, highlighting the urgent need for robust protections. Last year alone, over $2 billion was stolen from crypto users through various schemes, demonstrating the incentives and capabilities of bad actors.
