Binance Acknowledges Vulnerability in Wallet Protocol: Coinbase, ZenGo Also Affected

Binance, Coinbase, and ZenGo are under scrutiny as they address serious vulnerabilities in their wallet protocols.

Changpeng Zhao looking worried with a large face of a hacker in the background.
Created by Gabor Kovacs from DailyCoin
  • Binance confirms vulnerability in open-source wallet protocol.
  • Coinbase and ZenGo, among other exchanges affected by protocol flaws.
  • The crypto world looks for answers amid rising security concerns.

A recent revelation about vulnerabilities in major crypto exchanges’ wallet protocols has sent shockwaves through the industry. Binance, one of the largest crypto exchanges, has acknowledged flaws that could pose risks for traders and institutions. 

Vulnerability Puts Binance, Coinbase at Risk: What Happened?

On Thursday, August 9, Changpeng โ€œCZโ€ Zhao, the CEO of Binance, took to Twitter to address the concerns. Firstly, CZ thanked Fireblocks, a blockchain security firm, for discovering the vulnerability. He also pinpointed the responsibility to a flaw in Binance’s open-sourced Threshold Signature Scheme (TSS) Library. 

CZ added that no Binance user funds were affected by the vulnerability. According to Fireblocks, other projects suffered similar vulnerabilities. 

Fireblocks Sheds Light on Broad Crypto Wallet Vulnerabilities

Fireblocks, in a press release on August 9, highlighted a series of vulnerabilities in over 15 popular crypto wallet providers and projects. Significantly, these vulnerabilities potentially placed millions of crypto wallets at risk. Major exchanges, including Coinbase, Zengo, and Binance, were at risk.

Termed the “BitForge” vulnerabilities, these flaws predominantly affect wallets that employ multi-party computation (MPC) technology. Specifically, this technology enables multiple entities to jointly control and oversee cryptocurrency holdings.

One of the alarming facets of these vulnerabilities is that they were identified as โ€œzero-day,โ€ implying these issues were previously unrecognized by the affected projects. The implication of such flaws, if not addressed, would be profound. 

Fireblocks cautioned that malicious insiders or attackers could potentially empty the wallets of countless retail and institutional clients within seconds. Moreover, users or providers would not now know about the attack.

On the Flipside

  • โ€œZero-dayโ€ vulnerabilities exist undetected until someone discovers them. This raises questions about the unseen vulnerabilities that might still lurk within other widely-used systems.
  • Open source projects, including many in the crypto realm, are often hailed for transparency and community-driven development. This transparency means that numerous eyes are on the code, which can lead to rapid bug detection and fixes. However, it also means potential vulnerabilities are laid bare for all, including malicious actors, to see. 

Why This Matters

With significant players like Coinbase, Binance, and Zengo affected the potential fallout could have been catastrophic, impacting millions of users and possibly causing billions in losses.

Read more about Binanceโ€™s position in the crypto landscape: 

Is Binance Too Big to Fail? DOJ Worries of Run on Exchange

Read more about Solana and its Web3 phone Saga: 

Solana Slashes Price of Its Saga Phone Amid Disappointing Sales

This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

Tags
Author
David Marsanic

David Marsanic is DailyCoinโ€™s journalist, focusing on Solana and crypto exchanges. David currently doesnโ€™t hold any crypto.

Read more