Coinbase Bug Allowed Users To Steal Unlimited ETH

mcminer | March 24, 2018 | 0 | ETH , Latest News

Spread the love

Coinbase  the US based cryptocurrency marketplace has rewarded a Dutch company with a $10,000 bounty after it discovered a smart contract glitch allowing users to steal “as much as they want” in Ethereum (ETH), according to a report made public.

The issue, which VI Company reported to Coinbase December 27 of last year, revolved around exploiting a smart contract that involved a faulty wallet.

Users were technically able to credit themselves with unlimited ETH funds. “By using a smart contract to distribute ether over a set of wallets you can manipulate the account balance of your Coinbase account,” VI Company described in the report, continuing:

“If 1 of the internal transactions in the smart contract fails all transactions before that will be reversed. But on Coinbase these transactions will not be reversed, meaning someone could add as much ether to their balance as they want.”

Coinbase has faced continued technical difficulties for almost a year. Since a mass influx of new users in mid-2017, the US’ largest exchange and wallet provider’s technical capabilities have been stretched, resulting in delayed and missing funds, system outages and other problems.

Other crypto currency trading platforms have also experienced mass influx in users, most notably last December when Bitcoin hit $20,000 dollars, thus causing many to limit or even temporarily pause new accounts being created.

Despite promises to beef up performance, the reaction to a bug that could technically have drained billions of dollars in cryptocurrency is telling; Coinbase only fixed the issue a month after the original report on January 26.

“Analysis of the issue indicated only accidental loss for Coinbase, and no exploitation attempts,” it wrote as part of its commentary.

Loopholes of this type have previously affected major businesses interacting with cryptocurrency. In January, Cointelegraph reported on a website glitch at Overstock , which allowed users to pay and request refunds in either Bitcoin (BTC) or Bitcoin Cash (BCH), resulting variously in huge savings or huge profits. Overstock uses Coinbase’s merchant integration API.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.