Millions of dollars worth of cryptocurrency have been frozen after an Ethereum user 'accidentally' discovered a major vulnerability in his Parity wallet.
The company behind the popular wallet software used to store and trade Ethereum, Parity released a security advisory in which it explained how the critical issue affects multi-sig wallets. It has since frozen all multi-sig wallets that are estimated to contain around $150 million of the growing cryptocurrency.
The exploit was discovered by an Ethereum user called devops199 that was able to make himself the owner of a contract which he then decided to 'kill' by removing a line of the library's code. By editing the code, all of the Parity multi-sig wallets tied to the contract became unusable and their funds were made inaccessible.
Parity offered further details on the exploit's discovery, saying:
"It would seem that issue was triggered accidentally 6th Nov 2017 02:33:47 PM +UTC and subsequently a user suicided the library-turned-into-wallet, wiping out the library code which in turn rendered all multi-sig contracts unusable since their logic (any state-modifying function) was inside the library."
If exploited by attackers, the exploit could prove quite troublesome for cryptocurrency trading as it would allow other traders to become owners of multi-sig wallets and access the funds inside them.
However, Parity has taken preventative measures by freezing all dependent mult-sig wallets deployed after July 20th with the aim of stopping the bug from being exploited by malicious third parties.
Image Credit: Geralt / Pixabay