Recently Found Double Spending Vulnerability Is Not Tether’s Own, SlowMist Confirms

Published at: June 30, 2018

China-based cybersecurity firm SlowMist has confirmed that a recent double-spending vulnerability it found in Tether (USDT) is not inherent to the cryptocurrency itself.

Instead, it is enabled by some crypto exchanges’ databases not strictly verifying the status of the “valid” parameter of incoming USDT transactions. SlowMist explained this in a comment to its own Tweet June 28.

On June 28, SlowMist detected a vulnerability that allowed them to send USDT to a crypto exchange without correct field values on the transaction.

Subsequently, the cybersecurity firm explained that the newly discovered vulnerability is not an issue of the Tether network, but is instead a result of poor implementation of some exchanges’ data systems.

According to SlowMist’s statement, the issue is that the exchanges’ databases “do not strictly verify the status of the "valid" parameter.”

“Corrected a bit to explain: This vulnerability is not the USDT's own vulnerability, but some exchange platform' databases do not strictly verify the status of the "valid" parameter.

Please do not panic.”

Major crypto exchange OKEx reacted immediately to SlowMist’s report, claiming that its platform “is not affected by this issue.”

SlowMist further retweeted a post by the Omni Core maintainer which provided further information about the vulnerability. Omni Core claimed that the vulnerability comes from neither Tether’s part, nor the Omni Layer protocol, but “rather poor handling of incoming transactions.”

Created in 2012, Omni Layer, formerly known as Mastercoin, is a digital currency and communications protocol based on Bitcoin’s (BTC) blockchain. Tether, originally known as "Realcoin,” is a stablecoin pegged to the value of the U.S. dollar. It was announced in July 2014 and later issued on the Bitcoin blockchain via Omni Layer’s protocol.

On June 25 this year, Tether issued 250 million new tokens, a move that was met with some backlash from critics on Twitter who have expressed doubts about the fact that all USDT tokens are backed by the same amount of U.S. dollars.

Tags

Blockchain

Tether

Security

Related Posts

Algorand’s Venture Arm Loses up to $2M in Hot Wallet Breach: Report

Algo Capital, an investment arm of United States-based blockchain firm Algorand, has lost roughly $1–2 million in Tether (USDT) stablecoins and Algorand (ALGO) tokens after its CTO Pablo Yabo’s mobile phone was compromised. The breach allowed hackers to gain access to Yabo-managed Algo hot wallet, a source familiar with the matter told Coindesk on Oct. 5. The total amount of damages was reported in an email by the company’s CEO David Garcia. He confirmed the security breach and claimed that the firm passed the details of the incident to its limited partners, according to the article. Full reimbursement in 20 …

Blockchain / Oct. 6, 2019

The Financial System of the Future — Who Benefits From CBDCs?

In recent months, the race for the development of a central bank digital currency is gaining pace. The last signal was launched by Chinese President Xi Jinping, who publicly stated the need to invest public resources in blockchain, slated to be the core technology of the future. The euphoria of the Chinese market following the presidential declaration induced Mark Zuckerberg — who had been encountering considerable resistance from Western authorities since the beginning of the Libra project — to raise the alarm on an alleged Chinese overtaking of digital currency technology. A CBDC is a new type of legal tender …

Blockchain / Jan. 1, 2020

Tether Hits Back at Claims Its Reserves Were Used to Cover $850 Million Loss at Bitfinex

Stablecoin operator Tether has responded to allegations that its funds were used to cover an $850 million loss at the crypto exchange Bitfinex — using a statement on April 26 to claim court filings by the New York Attorney General’s office are “riddled with false assertions.” The state’s top prosecutor, Letitia James, has accused Tether, Bitfinex and associated entities of violating New York law through activities that may have defrauded crypto investors in the state. According to the court filings, the exchange took hundreds of millions of dollars from Tether’s reserves to conceal losses from investors and hide its inability …

Blockchain / April 26, 2019

FX Settlement Provider CLS Begins Final Testing for Blockchain Payment Banking Service

Forex exchange (FX) settlement giant CLS is in the final stages of testing its blockchain payment service for banks, Financial News reported July 27. The service is reportedly set to be launched later this summer, with at least seven banks expected to sign on to the system in the early months. CLS, the New York-based global multi-currency cash settlement system, has been working with tech company IBM to introduce the blockchain-powered payment netting service. The system is set to be incorporated in banking IT systems to boost the level of standardization in the global FX markets, as well as reduce …

Blockchain / July 29, 2018

Ethereum white paper predicted DeFi but missed NFTs: Vitalik Buterin

Rounding up the last decade, Ethereum co-founder Vitalik Buterin revisited his predictions made over the years, showcasing a knack for being right about abstract ideas than on-production software development issues. Buterin started the Twitter thread by addressing his article dated Jul. 23, 2013 in which he highlighted Bitcoin's (BTC) key benefits — internationality and censorship resistance. Buterin foresaw Bitcoin’s potential in protecting the citizens’ buying power in countries such as Iran, Argentina, China and Africa. However, Buterin also noticed a rise in stablecoin adoption as he saw Argentinian businesses operating in Tether (USDT). He backed up his decade-old ideas around …

Adoption / Jan. 2, 2022