ZetaChain dismissed bug report that could have prevented $334K exploit
The vulnerability behind ZetaChain's $334,000 exploit had been reported through its bug bounty program before the attack but was dismissed.
The vulnerability that led to ZetaChain’s recent exploit had been flagged through its bug bounty program before the attack, but was dismissed as intended behavior.
In a post-mortem published Wednesday, the team said the incident has prompted a review of how it handles bug bounty submissions, particularly reports involving chained attack vectors that may appear harmless in isolation but are dangerous in combination.
“This bug was reported and they simply ignored it,” one user wrote on X. “That's how bug bounty programs work with these protocols currently; they incentivize losses for the protocol, the TVL, and the user's balance instead of paying the researcher for discovering and fixing the bug,” they added.
Source: Cointelegraph →Related News
- 6 hours ago
Stable Sea integrates WisdomTree tokenized Treasury fund for corporate cash mana...
- 9 hours ago
Visa adds Polygon, Base support as stablecoin settlement run rate hits $7B
- 12 hours ago
KuCoin EU hires new AML chief after Austria ban on new business under MiCA
- 12 hours ago
MoonPay buys crypto security firm Sodot in $100M push into institutional crypto
- 12 hours ago
Monthly prediction market volume hits $25.7B as user activity shifts beyond one-...