ZetaChain dismissed bug report that could have prevented $334K exploit
The vulnerability behind ZetaChain's $334,000 exploit had been reported through its bug bounty program before the attack but was dismissed.
The vulnerability that led to ZetaChain’s recent exploit had been flagged through its bug bounty program before the attack, but was dismissed as intended behavior.
In a post-mortem published Wednesday, the team said the incident has prompted a review of how it handles bug bounty submissions, particularly reports involving chained attack vectors that may appear harmless in isolation but are dangerous in combination.
“This bug was reported and they simply ignored it,” one user wrote on X. “That's how bug bounty programs work with these protocols currently; they incentivize losses for the protocol, the TVL, and the user's balance instead of paying the researcher for discovering and fixing the bug,” they added.
Source: Cointelegraph →Related News
- 7 hours ago
UAE-linked ADI Chain gains Ledger support amid stablecoin growth
- 7 hours ago
Crypto PAC money pours into Texas primary runoffs, as prediction markets favor c...
- 10 hours ago
Squid and Safe Labs say third-party module behind $3.2M exploit
- 11 hours ago
Coinbase CEO’s finance wishlist mirrors company’s product roadmap
- 12 hours ago
Satoshi-era Bitcoin miner transfers $203M in BTC to OTC desks