Content Index
Toggle
$1.5 Billion XRP Transfer?
Partial Payment Vulnerability Attack
According to information broadcasted by account tracker Whale Alert on the blockchain, there was a shocking transfer of a total of 2.56 billion XRP from an unknown wallet to Bitfinex yesterday (14th).
As soon as this transaction notification appeared on the blockchain, it immediately sparked discussions in the market, as this transaction accounted for almost half of the total circulating supply of XRP, with a total value of nearly $15 billion. However, Whale Alert soon deleted this tweet and stated that it was a result of an error tweet caused by abnormalities in the Ripple nodes.
Following this incident, Paolo Ardoino, the CTO of Bitfinex, came forward and stated that this transaction was actually a “partial payment vulnerability attack” targeting the exchange. Bitfinex successfully identified and blocked this attempted attack.
The partial payment vulnerability exploits system configuration flaws in certain companies (such as the error tweet from Whale Alert). This flaw refers to the fact that the company’s system only checks the “amount” field in XRP transactions, and this field can be set to a very high number. However, in reality, scammers only send a significantly smaller actual amount in the transaction. Their goal is to make the company mistakenly believe that they have paid a large sum of money and obtain the price difference that was not actually paid from the company.
Fortunately, Bitfinex’s system was able to identify the actual payment amount, not just the amount displayed in the transaction, and was not affected by this attempted attack.
Furthermore, blockchain data also shows that the attackers transferred 5.89 billion XRP to Binance in an attempt to launch the same attack, but ultimately, it also ended in failure.
