Blockchain security firm CertiK recently received a bounty of $500,000 from the Sui network, after discovering a potentially fatal threat known as “HamsterWheel” in Sui’s layer-1 blockchain. Unlike typical attacks that focus on shutting down blockchains by crashing nodes, this vulnerability traps nodes in an endless loop of operations, preventing them from processing new transactions. The attack has the power to paralyze networks and render them inoperable.
Having identified the vulnerability ahead of Sui’s mainnet launch, CertiK reported it to Sui, which swiftly implemented fixes to prevent the potentially devastating damage that an actual attack could cause to the blockchain. In recognition of CertiK’s efforts, Sui awarded the security firm a $500,000 bounty, showcasing the significance of bug bounty programs and proactive security initiatives.
According to Kang Li, Chief Security Officer at CertiK, threats to blockchain networks are always in flux. He stated, “The discovery of the HamsterWheel attack demonstrates the evolving sophistication of threats to blockchain networks.” More technical details regarding the vulnerability will be published soon, with full reports coming out after all mitigations have been deployed and rigorously tested.
In related news, a crypto trading bot in the decentralized finance (DeFi) space recently took out a $200 million loan to secure a mere $3 profit. On June 14, the arbitrage bot executed an intricate series of transactions involving borrowing 200 million DAI in MakerDAO, ultimately netting a total gain of just $3.24. Though some community members lauded the bot’s efforts, stating, “profit is profit,” others saw it as a sign of how dire the crypto bear market has become.
CertiK’s discovery of the HamsterWheel attack and the ensuing security bounty emphasize the necessity of remaining vigilant and proactive in the ever-changing landscape of blockchain technology and network threats. As more companies continue to adopt blockchain, close collaboration between these companies and security researchers will be crucial in maintaining the integrity and security of their platforms.
Source: Cointelegraph