Cointelegraph
DOGE$0.07410 2.45%
TRX$0.3315 0.48%
LINK$7.90 3.49%
ZEC$490.11 6.82%
ADA$0.1681 0.98%
XRP$1.10 1.81%
ETH$1,777.15 2.55%
BTC$63,989.56 3.09%
XMR$316.08 1.14%
BNB$575.74 1.39%
XLM$0.1903 4.83%
SOL$79.01 2.09%
HYPE$68.31 1.41%
Written by Jesse Coghlanstaff editorReviewed by Felix Ngstaff editor

Reported ‘transfer’ of $15B XRP was part of a failed exploit attempt

Latest NewsPublishedJan 15, 2024

According to Bitfinex chief technology officer Paolo Ardoino, an attacker attempted to use XRP’s partial payments feature to exploit the crypto exchange but failed.

unknown-wallet-xrp-transfer-bitfinex-partial-payments-exploit

A supposed transaction of nearly $15 billion worth of XRP (XRP) from an unknown wallet to Bitfinex on Jan. 14 never went through, and it was part of a failed “partial payments exploit” attempt, according to Bitfinex chief technology officer Paolo Ardoino.

The transfer was initially highlighted by blockchain tracking X (formerly Twitter) account Whale Alert, which claimed to see a transaction of 25.6 billion XRP — nearly half of XRP’s billion circulating supply — from an unknown wallet to Bitfinex.

A screenshot of the now-deleted Whale Alert X post. Source: X

However, Whale Alert later deleted the post and said there was “an issue with properly reading the Ripple node response, resulting in a few wrong posts.”

Ardoino then explained on X that “someone attempted to attack” Bitfinex through a “Partial Payments Exploit,” with the would-be attacker anticipating the exchange had incorrectly configured its software to process partial payments.

Someone attempted to attack @bitfinex via "Partial Payments Exploit".
Attack failed since Bitfinex properly handles 'delivered_amount' data field.https://t.co/EiGw9UQmmq

(updated with better gif) https://t.co/8I7vlO05ou pic.twitter.com/DxOnJLLkhU— Paolo Ardoino (@paoloardoino) January 14, 2024

A partial payments exploit works by assuming a company has an improperly configured system that only reads the amount field of an XRP transaction, which is set to a high amount.

Related: Hong Kong Virtual Asset Consortium removes XRP from global crypto index

In reality, the exploiter sends over a much smaller amount specified in another transaction field and aims to receive credit for the difference.

Ardoino, however, noted the attack failed as “Bitfinex properly handles the ‘delivered_amount’ data field.

According to blockchain data, the attacker also tried an attack on Binance with a 58.9 billion XRP transfer, which similarly failed.

Asia Express: Fake news crypto panic, Binance gains users as market share falls?

1 minute letter

Subscribe to daily byte-sized crypto news from Cointelegraph

Subscribe
Cointelegraph is committed to independent, transparent journalism. This news article is produced in accordance with Cointelegraph’s Editorial Policy and aims to provide accurate and timely information. Readers are encouraged to verify information independently.

More on the subject