ZetaChain dismissed bug report that could have prevented $334K exploit

0
840_aHR0cHM6Ly9wYXlsb2FkLmx1bS10cmkub3JnL2FwaS9hcnRpY2xlLWNvdmVycy9maWxlL0RvY3VtZW50LWRlbGV0aW5nLWRlY2xpbmUuanBnP3ByZWZpeD1tZWRpYSUyRmFydGljbGUtY292ZXJz

The vulnerability behind ZetaChain’s $334,000 exploit had been reported through its bug bounty program before the attack but was dismissed.

The vulnerability that led to ZetaChain’s recent exploit had been flagged through its bug bounty program before the attack, but was dismissed as intended behavior.

In a post-mortem published Wednesday, the team said the incident has prompted a review of how it handles bug bounty submissions, particularly reports involving chained attack vectors that may appear harmless in isolation but are dangerous in combination.

“This bug was reported and they simply ignored it,” one user wrote on X. “That’s how bug bounty programs work with these protocols currently; they incentivize losses for the protocol, the TVL, and the user’s balance instead of paying the researcher for discovering and fixing the bug,” they added.

Read more

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert

Bitte geben Sie den Coingecko Free Api Key ein, damit dieses Plugin funktioniert

Subscribe To The Latest Crypto News

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

World Wide Crypto will use the information you provide on this form to be in touch with you and to provide updates and marketing.