• Dapps:16.23K
  • Blockchains:78
  • Active users:66.47M
  • 30d volume:$303.26B
  • 30d transactions:$879.24M
CertiK Discovers a Security Flaw in the Wormhole System on the Aptos Network

CertiK Discovers a Security Flaw in the Wormhole System on the Aptos Network

user avatar

by Eve Adams

2 years ago

CertiK, a blockchain security platform, reported discovering a vulnerability in the Wormhole system on the Aptos network that could potentially have led to financial losses amounting to $5 million. The flaw was detected and rectified in a timely manner after notifying the Wormhole team, preventing possible exploitation by malicious actors.

According to CertiK, the issue arose due to incorrect implementation of the public(friend) and entry modifiers in the MOVE programming language. The public(friend) modifier restricted function calls to other functions within the same module or specified external accounts, while the entry modifier allowed the function to be called from any external account.

This configuration enabled attackers to create fictitious transactions that would move tokens between accounts without actually transferring funds. This could allow the Ethereum bridge to issue or unlock tokens without the backing of real deposits on the Aptos side. Ultimately, malicious actors could have caused damage up to $5 million had the vulnerability not been identified and addressed promptly.

CertiK provided a detailed report on the vulnerability in video format, enhancing awareness and attention to security issues within the blockchain community.

0

Rewards

chest
chest
chest
chest

More rewards

Discover enhanced rewards on our social media.

chest

Other news

Kraken Introduces CFTC-Regulated Perpetual Futures for Professional Traders

chest

Kraken has launched CFTC-regulated perpetual futures for eligible institutional and professional clients through its Bitnomial integration.

user avatarKaterina Papadopoulou

Michael Saylor Advocates for Bitcoin as Pure Digital Capital

chest

Michael Saylor emphasizes that Bitcoin should remain a pure digital asset, separate from yield-bearing crypto systems.

user avatarMaya Lundqvist

Bitcoin Tests Global Liquidity Assumptions

chest

Bitcoin is currently testing the assumption that rising global liquidity will lead to higher prices, as global M2 liquidity reaches a record high.

user avatarLeo van der Veen

Switzerland to Host US-Iran Memorandum Signing on June 19, 2026

chest

Switzerland is set to host a US-Iran memorandum signing on June 19, 2026, involving Qatar and Pakistan as mediators.

user avatarLi Weicheng

Aztec Connect Smart Contract Exploited for $219 Million

chest

A deprecated Aztec Connect smart contract has been exploited for about $219 million, highlighting the risks associated with old contracts in DeFi.

user avatarAisha Farooq

World Liberty Financial Partners with UFC for USD1 Stablecoin Bonus Pool

chest

World Liberty Financial has partnered with UFC to use its USD1 stablecoin in the event's bonus structure, aiming to promote the token to a mainstream sports audience.

user avatarTenzin Dorje

Important disclaimer: The information presented on the Dapp.Expert portal is intended solely for informational purposes and does not constitute an investment recommendation or a guide to action in the field of cryptocurrencies. The Dapp.Expert team is not responsible for any potential losses or missed profits associated with the use of materials published on the site. Before making investment decisions in cryptocurrencies, we recommend consulting a qualified financial advisor.