White hat hacker discovers a vulnerability in Injective that threatens $500 million in assets, receives only a $50,000 reward which has not yet been paid
ChainCatcher news: white hat hacker f4lc0n revealed on the X platform that he discovered a "critical" vulnerability in the Injective protocol, which could have allowed more than $500 million in on-chain assets to be directly extracted. However, the project team offered him only a $50,000 reward, far below the $500,000 maximum that the bounty program sets for this severity level.
f4lc0n stated that the vulnerability allowed any user to drain any account on the chain without special permissions. After he submitted the report via Immunefi, the Injective team initiated a mainnet upgrade vote the next day to fix the vulnerability, but then remained "out of contact" for the following three months. f4lc0n has disputed the reward amount and said that the $50,000 reward has not yet been paid. He announced that he will allocate 10% of his future bug bounty income to continue publicizing this matter until Injective pays the reward according to the standard.
