Unknown user of the Taiwanese Stock Exchange BitoPro falsified a deposit in the XRP cryptocurrency and pulled 7 million coins from the site ($ 2.17 million). The mechanism of this exploit was described in detail by the Bitrue exchange.
In this case, it’s not a problem. We encourage all platforms who support $ XRP to look into it thoroughly! @WietseWind @Curis_Wang https://t.co/weCqtxmRLU
– Bitrue (@BitrueOfficial) May 2, 2019
The attacker claimed to send 330,000 XRP, but in reality only sent 0.003255 XRP with a partial payment stamp "tfPartialPayment".
“The exchanges that have recently implemented XRP support are not aware of the existence of a partial payment. They use the wrong Amount parameter to record a payment. You should always use the “DeliveredAmount” parameter, ”emphasizes Bitrue.
According to XRPScan , the attacker sent a set of payments to the BitoPro wallet address, the value of which, on average, did not exceed 0.003255 XRP. Also in the registry are two transactions of 3 million XRP, which were successfully credited by the exchange to the account.
In total, from March 8 to May 2, unknown persons made 148 attempts to conduct such transactions. One of them arrived at Bitrue’s own address, but was successfully blocked by the exchange system.
Recall that in February, due to the spelling function of the seed phrases, the Coinomi desktop wallet user stole $ 70,000 in cryptocurrency.
Subscribe to BlockchainJournal news on Facebook !
BlockchainJournal.news
BlockchainJournal.news
