Lightning Labs CTO Confirms LN Vulnerabilities ‘Exploited in the Wild’

Published at: Sept. 10, 2019

Following a recent warning on vulnerabilities on Bitcoin’s (BTC) Lightning Network (LN), a startup claims to have found instances of the vulnerability being exploited.

Upgrade advised to avoid loss of funds

Olaoluwa Osuntokun, CTO at LN-focused startups Lightning Labs and ACINQ, revealed the news in a brief statement on Linux Foundation’s domain on Sept. 10, claiming that there are confirmed instances of Common Vulnerabilities and Exposures (CVE) “being exploited in the wild.”

The vulnerability was first reported on Aug. 30 by LN coder Rusty Russell. At the time, the Australian software programmer warned of security issues in a number of Lightning projects that could cause loss of funds, urging LN nodes operators to update their software as soon as possible.

Three pieces of software affected

Now that CVE cases have been confirmed, in order to avoid the risks of funds loss, Osuntokun strongly advised users to update their LN versions. The affected versions include LND nodes version 0.7 and below, c-lightning nodes version 0.7 and below and eclair nodes version 0.3 and below, the post noted.

Following the new warning, Lightning Labs tweeted, advising LN users to remain cautious:

“This is also a great time to remind folks that we have limits in place to mitigate widespread funds loss at this early stage. There will be bugs. Don't put more money on Lightning than you're willing to lose!”

In mid-August, cryptocurrency consulting firm Lunar Digital Assets warned that private transactions of PIVX cryptocurrency and over 200 other blockchains are vulnerable to attackers obtaining disproportionately high staking rewards.

Tags
Related Posts
Bilaxy exchange suspends website after ERC-20 hot wallet hack
Bilaxy, a lesser-known cryptocurrency exchange, has confirmed a major hacking incident, reporting the losses of funds due to an exploit of the platform’s ERC-20 hot wallet. Bilaxy announced on its Telegram channel that the crypto exchange suffered a “serious hack” on Saturday between 6 pm and 7 pm UTC, resulting in the transfer of 295 different ERC-20 tokens. According to the exchange, the affected tokens were transferred by the hacker to a single address. At the time of writing, the tokens are valued at $170,600, with the most recent transaction sending out 50 Ether (ETH), or about $159,000, on Monday. …
Bitcoin / Aug. 30, 2021
Binance CEO Suggests Crypto Exchanges Are Safer Than Keeping One’s Keys
Changpeng Zhao, the co-founder and CEO of cryptocurrency exchange Binance, suggested that for most, keeping crypto assets on an exchange is safer than keeping the keys themselves. Zhao gave his comments in a tweet on Jan. 19 after famous crypto skeptic and gold bug Peter Schiff complained that he lost access to his Bitcoin (BTC). Invoking the phrase “SAFU” — a slanger term in the crypto community for “safe,” Zhao said: “Many hardcore crypto [organizations] advocate storing your own keys. But the truth is, today most people are not able to secure a key even from themselves (losing it). A …
Bitcoin / Jan. 20, 2020
Bitcoin Lightning Nodes Claimed 2.22 BTC in 'Justice' Against Thieves: BitMEX
Bitcoin (BTC) Lightning Network nodes have claimed 2.2 BTC in “justice transactions” to deter potential thieves, a BitMex Research analysis revealed on July 15. A so-dubbed “justice transaction” is a punitive mechanism involving the closure of a lightning channel that is suspected to be attempting theft. As the report outlines: “[B]y design, when a thief attempts to steal funds on the lightning network, if caught, they do not only lose the money they tried to steal, they lose all the funds in the relevant channel. This ‘punishment’ is expected to act as a deterrent and is sometimes called ‘justice’. BitMEX …
Bitcoin / July 15, 2019
Binance CEO Addresses Concerns Live After $40 Mln BTC Hack, Rejects Blockchain Reorg Idea
Changpeng Zhao (CZ), CEO of major crypto exchange Binance, has devoted his live AMA on Twitter to address community concerns in the wake of yesterday’s $40.7 million hack. The AMA was broadcast live on May 8, 3am UTC. As reported yesterday, Binance suffered a major and premeditated hack, reportedly conducted by tactics that included phishing and viruses to obtain a large number of 2FA codes and API keys. The security breach reportedly resulted in hackers withdrawing around 7,000 bitcoin (BTC) — worth around $40.7 million at the time — from the exchange’s hot wallets, in a transaction that went undetected …
Bitcoin / May 8, 2019
Bitcoin hash rate marks all-time high as BTC price drops below $25K
Bitcoin (BTC) hash rate, a network security measure based on computing power for mining, achieved a new all-time high (ATH) of 231.428 exahash per second (EH/s) amid an ongoing bear market that witnesses BTC price plunging below the critical $25,000 mark. Hash rate is directly proportional to the computing power of mining equipment for confirming transactions, which deters bad actors from manipulating on-chain transactions. Complimenting the new hash rate ATH, the Bitcoin network difficulty stands at a strong position of 30.283 trillion. Some of the most popular Bitcoin mining pools based on market share include Poolin, AntPool, F2Pool, ViaBTC and …
Blockchain / June 13, 2022