Aptos Blockchain Exposed to Critical Vulnerability with Attack Cost of Only a Few Hundred Dollars, Team Promptly Fixed
CoinFeed reported on July 5 that, according to Coindesk, white hat hackers from security firm Hexens discovered a vulnerability in the Aptos blockchain, which has now been fixed. If exploited maliciously, the vulnerability could have resulted in systemic risk for up to $70 billion in digital assets, including stablecoins and cross-chain bridges. In late February, Hexens researchers reported a critical vulnerability in the Move virtual machine (the execution environment for on-chain smart contracts) to the Aptos development team. They noted it was an 'expired cache vulnerability' that leads to a type confusion flaw, where software could be tricked into mistaking one type of on-chain resource for another. The researchers simulated the attack under real network conditions with a success rate exceeding 90%.