- An unknown person attempted to exploit a feature of the XRP Ledger at Bitfinex, seeking to move billions in XRP, although the attack failed due to effective security measures.
- Bitfinex avoids risks when facing attempted exploits in partial payment transactions.
In an unsuccessful manipulation attempt at Bitfinex, significant sums were transferred in XRP, generating concern among market observers as it constituted about 50% of the total capitalization of $30 billion in XRP.
In a post on X, Paolo Ardoino, CEO of Bitfinex, validated the use of an XRP Ledger feature. An unsuccessful exploit attempt by unknown individuals was recorded on this well-known cryptocurrency exchange.
“Someone tried to attack Bitfinex through ‘Partial Payment Exploit’.”
ardoino said on X. “The attack failed because Bitfinex properly handles the ‘delivered_amount’ data field.”
About $15 billion in XRP was flagged by WhaleAlerts in an apparent transaction early Monday. This sum represented nearly half of the cryptocurrency’s total capitalization of $31 billion.
However, the actual transfer was just pennies in XRP and failed, as the sender “did not have sufficient liquidity,” according to blockchain data on the transaction.
The intent was aimed at inducing Bitfinex to accept the transfer as authentic, which could have facilitated a potential hack. However, Bitfinex’s systems detected the transfers as “partial payments,” a feature of the XRP Ledger that enables successful payment by reducing the amount received.
Partial payments are useful for returning payments without incurring additional costs. However, they are a known attack vector, XRP Ledger transactional documents show.
If a financial institution’s connection to the XRP Ledger assumes that the Amount field of a payment always represents the entire amount delivered, malicious individuals can exploit this assumption to subtract funds from the institution. The malicious actor withdraws as much of the balance as possible to another system before the vulnerable institution detects the discrepancy, according to the documents.
This incident is an event that highlights the importance of the robust security measures implemented by Bitfinex, evidencing the potential vulnerability of financial institutions that do not properly manage XRP Ledger features . The crypto community remains alert to potential threats, underscoring the urgent need for effective cybersecurity in the crypto sector.