Tether-related breach found by Asian cybersecurity experts

A previously unknown Tether (USDT) vulnerability has been reported by tech experts from Asia. Basically, a transaction could be conducted twice due to the errors in the verification tools in the code.

交易所在进行USDT充值交易确认是否成功时存在逻辑缺陷，未校验区块链上交易详情中valid字段值是否为true，导致“假充值”，用户未损失任何USDT却成功向交易所充值了USDT，而且这些 USDT 可以正常进行交易。
我们已经确认真实攻击发生！相关交易所应尽快暂停USDT充值功能，并自查代码是否存在该逻辑缺陷。 pic.twitter.com/EPzZIsZFzH

— SlowMist (@SlowMist_Team) June 28, 2018

An invalid variant of transaction was accepted just as the real operation. Experts note that the problem would not exist at all if it wasn’t for some poorly-made cryptocurrency exchange on which this bug only works. Naturally, they did not specify the name of the platform.

This could have resulted in a disruption of Tether economy and harm its reputation. The stated goal of project Tether is to issue tokens which are backed by the United States dollar, although both conservative financial and less rigid cryptocurrency experts have repeatedly expressed doubts in the credibility of the enterprise. This time, however, the reliability of the cryptocurrency is undermined by coders from a separate firm. Reports tell that most observers reached this conclusion independently.

Sometimes such errors are not fixed in time and there are historical examples when digital currency technologies suffer from the problem of double-spending. This technique was also a part of a 51% attack on Bitcoin Gold, as seen from the reports on that incident.

Image: stock photo