Several exchanges have fallen victim to a hack

The Xrplorer tool reported that it had successfully blocked three malicious attacks against exchanges in June. According to a report that said several exchanges had fallen victim to hackers because they had incorrectly implemented "partial payment" payments for the XRP ledger. Cryptographic exchange platforms, merchants and gateways are all vulnerable to malicious attacks. This is due to a failure to configure XRPL when integrating with the exchange platform or other organizations. In fact, it was a recurring error that allowed malicious participants to empty wallets containing the platform or the exchange's XRP.

How can exchanges avoid the theft of their XRP?

The transaction is accepted but the exchange receives a low amount of the specified currency. The platform reads the transaction, but only sees the field where the initial amount, the large sum of the specified currency, or the metadata field called the delivered_amount is indicated. The compromised institution proceeds to credit the malicious actor with the initial amount on an external system, despite having received a much smaller sum on the XRPL.

There are clear attack scenarios that the XRPL development team has determined. For exchanges, usually a malicious attack that takes advantage of the Partial Payment vulnerability begins with a transaction that the platform receives. This transaction is usually large and has the Partial Payment notification enabled.

In the case of gateways, the malicious actors will look for a means to change the stolen funds to Bitcoin (BTC), Ethereum (ETH) or a cryptocurrency in a blockchain because the transactions are irreversible upon confirmation. For exchanges, attackers could withdraw the funds directly in XRP to the XRP Ledger.

According to the tool dedicated to prevent and stop this kind of attack, Xrplorer, only during June 3 have been successfully stopped. On their Twitter account, the tool advised the exchanges to check their settings. Xrplorer claims that malicious actors are constantly looking for platforms that allow them to take advantage of the Partial Payments feature.

It is recommended that institutions use the delivered_amount field to process their transactions. This should be sufficient, according to the XRP Ledger page, to avoid the vulnerability. In that sense, Xrplorer’s CEO, Thomas Silkjaer, also recommends the following:

Exchanges: Don’t go live with your XRP implementation, before you have tested it. A big warning is at the very beginning of the “List XRP as an Exchange” tutorial on http://xrpl.org and yet I have cringed while watching an unidentified exchange was emptied today.

This feature is part of the XRP Ledger, as mentioned, and is one of the payment methods that allow XRPL. The Partial Payment function allows a sent transaction to deduct the recipient’s transfer fee. That way, if a user is making a return or returning a payment, the transaction fee can be charged to the recipient and the sending user does not incur an additional expense.

Author : Reynaldo