Lido DAO discovered a security vulnerability in Ethereum protocol 

Lido DAO discovered a security vulnerability in Ethereum protocol 

Lido discovered a security vulnerability in Ethereum protocol, involving Node Operator InfStones.

Liquid staking solution Lido has discovered a security vulnerability on its Ethereum protocol in the last 24 hours, specifically involving one of its Node Operators, InfStones. This issue, initially discovered a few months ago, was formally reported to InfStones in July 2023. InfStones has since confirmed that they have resolved the issue.

The core of the concern was the potential unauthorized access to root-level privileges on up to 25 validator servers. These servers, not necessarily linked to the Lido protocol, could have exposed sensitive information, including key materials, to external threats. It remains uncertain whether the servers or keys connected to Lido validators were compromised.

Currently, Lido DAO’s team is collaborating closely with InfStones to conduct a thorough investigation into the breach. This effort aims to ascertain the full extent and potential repercussions of the incident. In the context of this incident, Web3 security experts at Holborn have observed a noticeable increase in the frequency and severity of off-chain attacks in recent times.

The experts emphasize that this latest incident underscores the need for continuous and comprehensive auditing of infrastructure to preemptively identify and mitigate such vulnerabilities.


Follow Us on Google News

FOLLOW US ON GOOGLE NEWS

Read original article here

Denial of responsibility! Web Times is an automatic aggregator of the all world’s media. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials, please contact us by email – webtimes.uk. The content will be deleted within 24 hours.

Leave a Comment