The vulnerability dubbed “HamsterWheel” traps nodes in an endless loop similar to hamsters jogging on a wheel.
News
Blockchain security firm CertiK has received a bounty of $500,000 from the Sui network after flagging a threat that had the potential to disrupt Sui’s entire layer-1 blockchain.
In an announcement sent to Cointelegraph, the CertiK team highlighted that the vulnerability dubbed “HamsterWheel” was different from traditional attacks which focus on shutting down blockchains by crashing nodes.
This attack traps nodes, letting them perform operations without processing new transactions, similar to hamsters jogging on a wheel. The attack has the capability to cripple networks and make them unable to operate.
The security firm discovered the vulnerability and reported it to Sui ahead of its mainnet launch. Responding to the security threat, the Sui network implemented fixes to prevent the potential damages that an attack could inflict on the blockchain.
To appreciate CertiK’s efforts, Sui awarded a $500,000 bounty to the security firm. According to CertiK, this highlights the importance of bug bounty programs and proactive security efforts.
Related: Here’s how hackers are using mining pools as mixers: Chainalysis
Kang Li, chief security officer at CertiK, said that threats to blockchain networks are constantly evolving. “The discovery of the HamsterWheel attack demonstrates the evolving sophistication of threats to blockchain networks,” Li explained.
According to the announcement, more technical details will be published and made available soon. Moreover, full reports will be announced once all mitigations have been deployed and thoroughly tested.
Meanwhile, in the decentralized finance (DeFi) space, a crypto trading bot has taken a $200 million loan to secure a $3 profit. On June 14, an arbitrage bot performed a series of complicated transactions, including borrowing 200 million DAI (DAI) in MakerDAO and ended up with a total gain of $3.24. A community member praised the bot’s efforts and said “profit is profit” while another said that this was a sign of how bad the crypto bear market is.
Magazine: Should crypto projects ever negotiate with hackers? Probably