Skip to main content

Ethereum wallets locked after major vulnerability found

(Image credit: Image Credit: Geralt / Pixabay)

Millions of dollars worth of cryptocurrency have been frozen after an Ethereum user 'accidentally' discovered a major vulnerability in his Parity wallet. 

The company behind the popular wallet software used to store and trade Ethereum, Parity released a security advisory in which it explained how the critical issue affects multi-sig wallets.  It has since frozen all multi-sig wallets that are estimated to contain around $150 million of the growing cryptocurrency.

The exploit was discovered by an Ethereum user called devops199 that was able to make himself the owner of a contract which he then decided to 'kill' by removing a line of the library's code. By editing the code, all of the Parity multi-sig wallets tied to the contract became unusable and their funds were made inaccessible. 

Parity offered further details on the exploit's discovery, saying: 

"It would seem that issue was triggered accidentally 6th Nov 2017 02:33:47 PM +UTC and subsequently a user suicided the library-turned-into-wallet, wiping out the library code which in turn rendered all multi-sig contracts unusable since their logic (any state-modifying function) was inside the library."   

If exploited by attackers, the exploit could prove quite troublesome for cryptocurrency trading as it would allow other traders to become owners of multi-sig wallets and access the funds inside them.    

However, Parity has taken preventative measures by freezing all dependent mult-sig wallets deployed after July 20th with the aim of stopping the bug from being exploited by malicious third parties. 

Image Credit: Geralt / Pixabay

Anthony Spadafora
After living and working in South Korea for seven years, Anthony now resides in Houston, Texas where he writes about a variety of technology topics for ITProPortal.