Chinese Cybersecurity Analysts Claim to Have Found Tether Spending Vulnerability

Published at: June 28, 2018

Update, June 30: SlowMist has confirmed that the discovered double spending vulnerability is not inherent in Tether, but is instead a result of some crypto exchanges’ poor practices.

Chinese private cybersecurity firm SlowMist has found a double-spending vulnerability in Tether (USDT) today, June 28.

SlowMist states in a tweet that they were able to send USDT to an unnamed exchange without correct field values on the transaction. This means that individuals may be credited for tokens without actually having sent them, leading to a double spend. Following the tweet from SlowMist, a founder of OmniLayer, the platform on which USDT was created, offered an explanation to the error:

“[I]t appears that what happened here is that an exchange wasn't checking the valid flag on transactions. They accepted a transaction with valid=false (which they should not have), and then the second "double spend" transaction had valid=true, which they also accepted. Unless I am missing something, this is just poor exchange integration.”

Crypto observer CryptoMedication posted a picture of the error.

The world's second largest exchange by trade volume, OKEx, posted a statement regarding the error. The exchange said it performed a series of examinations when it was notified of the loophole by SlowMist, after which it determined OKEx is “not exposed to the vulnerability.”

According to CryptoMedication, the double-spend vulnerability carries serious implications as “it is possible that this could have been exploited ad infinitum.” CryptoMedication adds that it “seems to be an exchange problem… more so than a Tether issue…”

Earlier this week, Tether issued 250 million new tokens, which are allegedly backed 1:1 by the U.S. dollar. Tether had previously released 300 million tokens at the end of March, which led to small price increase in Bitcoin (BTC). Tether also made news earlier this month, when a study from the University of Texas alleged that USDT was used as an instrument for BTC price manipulation in 2017.

Tags
Related Posts
Tether hit with 500 Bitcoin ransom demand — But says it won't pay
Hackers have threatened to release sensitive company documents supposedly belonging to USDT stablecoin issuer Tether unless the firm sends a 500 Bitcoin (BTC) ransom to a specified address. As revealed by the official Twitter account for Tether on Sunday, hackers purportedly threatened to leak documents that would “harm the Bitcoin ecosystem” if their ransom demands were not met. Tether has already stated that it will not pay the ransom, which amounts to a dollar value of $23.8 million at the time of publication. The firm tweeted: “Today we also received a ransom demand for 500 BTC to be sent to …
Technology / March 1, 2021
Tether Launches USDT Stablecoin on Algorand Blockchain
Leading stablecoin operator Tether launched its U.S. dollar-backed stablecoin USDT on the Algorand proof-of-stake (PoS) blockchain. In a press release on Feb. 10, Tether announced that USDT on Algorand will feature confirmation times as low as four seconds and transaction fees of a fraction of a percent. Tether chief technology officer Paolo Ardoino said: “Our latest collaboration with Algorand leverages the speed and security of Algorand’s protocol to give traders fast settlement and reduced counterparty risk in their fiat to digital asset transactions.” When asked whether Tether plans to launch USDT on more blockchains, Ardoino told Cointelegraph that the firm …
Blockchain / Feb. 10, 2020
Two firms account for the majority of Tether received: Report
Tether (USDT) has gone from being a renegade cryptocurrency to becoming the industry's primary crutch during the last seven years, according to a new report. Essentially, USDT is a bridge between traditional currencies like the U.S. dollar and decentralized digital currencies operating on open blockchain networks. Independent crypto outlet Protos provided an in-depth insight into the most common stablecoin and the liquidity providers who supply it to cryptocurrency platforms. According to the report, issued USDT is primarily acquired by just two market makers. Between 2014 and October 2021, Alameda Research and Cumberland received a projected $60.3 billion in USDT, accounting …
Blockchain / Nov. 12, 2021
Ethereum white paper predicted DeFi but missed NFTs: Vitalik Buterin
Rounding up the last decade, Ethereum co-founder Vitalik Buterin revisited his predictions made over the years, showcasing a knack for being right about abstract ideas than on-production software development issues. Buterin started the Twitter thread by addressing his article dated Jul. 23, 2013 in which he highlighted Bitcoin's (BTC) key benefits — internationality and censorship resistance. Buterin foresaw Bitcoin’s potential in protecting the citizens’ buying power in countries such as Iran, Argentina, China and Africa. However, Buterin also noticed a rise in stablecoin adoption as he saw Argentinian businesses operating in Tether (USDT). He backed up his decade-old ideas around …
Adoption / Jan. 2, 2022
Tether to launch GBPT stablecoin pegged to British pound sterling
Major stablecoin company Tether is expanding its stablecoin offering with a new cryptocurrency pegged to the British pound sterling (GBP). Tether officially announced on Wednesday that its upcoming GBP-pegged stablecoin, GBPT, will launch in early July and will initially be supported by the Ethereum blockchain. GBPT will be a stable digital currency pegged on the 1:1 ratio to the GBPT, aiming to provide a faster and cheaper option for asset transfers. GBPT joins a family of four other fiat currency-pegged Tether (USDT) tokens, including the largest stablecoin by market capitalization, USDT. Other stablecoins include the euro-pegged EURT, the offshore Chinese …
Blockchain / June 22, 2022