jm + parity   1

SECURITY ALERT - Critical bug in Parity's MultiSig-Wallet
'Together, we were able to determine that malicious actors had exploited a flaw in the Parity Multisig code, which allowed a known party to steal over 153,000 ETH from several projects including Edgeless Casino, Aeternity, and Swarm City.'

by leaving "internal" (a visibility restricting keyword) off of the wallet contract, it was possible for attackers to steal millions from a "secure" multi-sig wallet in Ethereum: https://press.swarm.city/parity-multisig-wallet-exploit-hits-swarm-city-funds-statement-by-the-swarm-city-core-team-d1f3929b4e4e

https://twitter.com/ncweaver/status/887821804038873088 : 'Time from "OMFG there is a bug" to "geez, someone steal $16M"? 2 hours. Gotta love JavaScript FunBukx, err Ethereum'
ethereum  fail  security  exploits  javascript  parity 
4 weeks ago by jm

Copy this bookmark:



description:


tags: