Users of the popular Parity Ethereum wallet have been left reeling after its developers Ethereum Wallet Parity Hit by Second Critical Vulnerability – $152 Million Frozenrevealed the discovery of a security flaw. The threat, which has been described as “critical”, renders all multi-sig contracts unusable and has locked up hundreds of millions of dollars of ether. The news couldn’t have come at a worse time for Parity, which has been battling to restore its reputation following July’s embarrassing hack which led to at least 150,000 ethers being stolen. The original theft would have been worse were it not for the actions of white hat hackers who helped to recover an additional 377,000 ethers.
Following the hack, Parity issued a fix for the exploit, deploying a new library contract that was meant to resolve the issue. It’s now transpired that the new code contained another flaw which enabled the library contract in the Parity Wallet to be converted into a regular multi-sig wallet. As a consequence, an individual was able to use the initWallet function to take ownership of the wallet.
In a blog post explaining the latest flaw, the Parity team stated:
Full story at http://bit.ly/2jey52Q
Source: Bitcoin News
Donation:
If you appreciate the things I share, consider making a contribution
no matter how small via PayPal or with TransferWise (EUR).
If you use Waves my wallet address is: 3PPeCnXEDAiRVzvsuGRycrNDHhWgDq68uVt
If you use Bitcoin my wallet address is: 12pAsyMdZoTHPvkiRAZiuQhC8bF4DLbYpQ
Bitcoin QR-Code
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.