Sunday, July 5, 2026

How white hat hackers with a $3,000 server discovered a flaw that might’ve put $70 billion in crypto in danger

Meanwhile, Grego AI, which independently verified Hexens' proof-of-concept, calculated that roughly $250 million in Aptos-native TVL was directly at risk based on the near-90% success rate, separate from broader cross-chain exposure.

The $70 billion risk

The vulnerability, found by Vahe Karapetyan, CTO and co-founder of Hexens, could, if left unchecked, have exposed a far larger systemic risk surface across bridges, stablecoins, DeFi protocols and centralized exchanges, costing billions and creating a crisis far beyond Aptos itself.

And all it would have taken was a few thousand dollars' worth of servers.

The total cost to spin up the infrastructure needed to run this experiment was roughly $3,000 for a server that simulated an environment designed to approximate Aptos mainnet conditions. If a malicious attacker had actually gone through with the exploit, though, it would have required significantly less, without requiring validator access, insider knowledge or privileged protocol permissions.

The team ran the exploit path roughly 20 times in a simulated environment and succeeded 17 or 18 times. The two or three failed attempts did not stop the network, meaning the attacker could simply have had another window to try again.

The simulation was built to closely approximate real network conditions, using a cluster of more than 30 validator nodes, a mainnet-shaped stake distribution, organic transaction traffic and heavy execution contention. The Hexens team also tested what they call “non-armed calibration methods”: dry runs that measured mempool and block-construction conditions before committing to an armed attempt. The firm said these steps materially reduced the uncertainty introduced by the exploit's probabilistic elements, making the attack path more reliable in practice.
