The Casper network has resumed operations after being halted for a few days due to an attack on 26 July. The attacker conducted illicit transactions worth .7 million before the core team behind the blockchain noticed suspicious activity. Since then, it has identified the vulnerability, offered a fix, which its validators have manually updated, and scanned the entire chain for illicit transactions from its genesis block. “We are happy to report that Casper has resumed consensus, and network transactions are being validated,” it said on X. “The Casper network is fully operational and the security incident has been resolved, thanks to a comprehensive, decentralized effort that brought together validators, engineers and other parties,” it added. A report published by Casper mentioned
Topics:
Suraj Manohar considers the following as important: Artificial Intelligence (AI), News
This could be interesting, too:
Guest Author writes Quantum Leap: Quantum and AI Will Make Hackers More Powerful Than Ever (Op-Ed)
Martin Young writes Chainlink Partners With Major Finance Firms on AI, Oracles, and Blockchain Data Solution Project
Temitope Olatunji writes X Empire Unveils ‘Chill Phase’ Update: Community to Benefit from Expanded Tokenomics
Bhushan Akolkar writes Cardano Investors Continue to Be Hopeful despite 11% ADA Price Drop
The Casper network has resumed operations after being halted for a few days due to an attack on 26 July. The attacker conducted illicit transactions worth $6.7 million before the core team behind the blockchain noticed suspicious activity. Since then, it has identified the vulnerability, offered a fix, which its validators have manually updated, and scanned the entire chain for illicit transactions from its genesis block.
“We are happy to report that Casper has resumed consensus, and network transactions are being validated,” it said on X. “The Casper network is fully operational and the security incident has been resolved, thanks to a comprehensive, decentralized effort that brought together validators, engineers and other parties,” it added.
A report published by Casper mentioned details of the incident, “The team became aware of the incident on 26 July 2024 at approximately 05:00 UTC. Subsequently, the root cause was identified on 26 July 2024 at approximately 13:00 UTC. Soon thereafter, a subset of validators agreed to pause consensus on 27 July 2024 – 07:50 UTC.”
The analysis of the incident continued to state, “After a thorough investigation, it was discovered that malicious actors exploited a vulnerability which allowed a contract installer to bypass the access rights check on urefs, thereby enabling them to grant the contract access to uref based resources. This escalation of privilege enabled illicit access including the ability to transfer tokens.”
64 Casper validators, representing 85% of the CSPR tokens staked in the network, unanimously agreed to restart the network after its pause. As the network kicked off again, validators had to manually update their nodes with the patch released by the Casper team. The patch comprised a new Casper-node binary and configuration files.
As network operations resumed, two blocks consisting of four transactions that led to the attack were orphaned, removing their unwanted effects on the network. A total of 13 wallets were affected by the attack, with the Casper team making them whole in the wake of the breach.