Bitfinex and Binance Successfully Thwart $15 Billion XRP Attack

a stealer virus above Binance and Bitfinex banners

Bitfinex and Binance emerged victorious against a potential $15 billion XRP attack orchestrated by an assailant exploiting a flaw in the XRP Ledger’s partial payments feature. The attacker sought to transfer a substantial XRP sum from an undisclosed wallet to the exchanges, aiming to manipulate the ‘delivered_amount’ data field. Both exchanges, Bitfinex and Binance, effectively thwarted the assault by adeptly handling the critical data field, safeguarding against a significant financial threat.

XRP Ledger’s Partial Payments Exploit

In a recent incident, an attacker aimed to compromise the security of Bitfinex and Binance by exploiting a vulnerability within the XRP Ledger’s partial payments feature. This assailant attempted to transfer nearly $15 billion worth of XRP from an undisclosed wallet to the exchanges, endeavoring to deceive them by manipulating the ‘delivered_amount’ data field. However, both Bitfinex and Binance adeptly blocked the attack, demonstrating their robust security measures in handling such potential threats.

The XRP Ledger’s partial payments feature is designed to allow users to send an amount of XRP smaller than specified in the transaction, with the recipient’s agreement. While this feature can be beneficial for transactions with different exchange rates or fees, it also poses a risk of exploitation by malicious actors attempting to deceive the recipient into thinking they received the full amount.

WhaleAlert Report

Whale Alert, a blockchain tracking and analytics system, initially reported the incident on January 14, 2024. The tweet claimed a transaction of 25.6 billion XRP, approximately $14.8 billion, was sent from an unknown wallet to Bitfinex, representing nearly half of the XRP circulating supply. However, Whale Alert later deleted the tweet, citing issues with reading the Ripple node response that resulted in an inaccurate alert.

Paolo Ardoino Explains

Paolo Ardoino, Chief Technology Officer of Bitfinex, disclosed that the transaction was an attempted attack on the exchange through what he referred to as a “partial payments exploit.” The attacker sought to exploit the assumption that Bitfinex’s system only reads the “amount” field, displaying 25.6 billion XRP, while sending a significantly smaller amount specified in the “delivered_amount” field. The goal was for Bitfinex to credit the difference to the attacker’s account, allowing them to profit from the discrepancy.

Bitfinex Aware of the Flaw

Fortunately, Ardoino revealed that Bitfinex’s system thwarted the attack by correctly handling the “delivered_amount” data field, which accurately showed the received amount as 0.000001 XRP, or about $0.0000006. He emphasized that Bitfinex has been aware of this vulnerability since 2017 and has implemented the necessary safeguards to prevent such attacks.

In a tweet, he wrote:

“Someone attempted to attack @bitfinex via “Partial Payments Exploit”. Attack failed since Bitfinex properly handles ‘delivered_amount’ data field. https://xrpl.org/partial-payments.html…

A Similar Attack On Binance

The same attacker attempted a similar attack on Binance, a major cryptocurrency exchange, with a transaction of 58.9 billion XRP, worth about $34 billion. However, Binance’s robust security protocols also effectively handled the “delivered_amount” data field, thwarting the attack. Richard Teng, Binance’s CEO, confirmed that the exchange was not affected and expressed gratitude to Ardoino for sharing the crucial information.

This attempted attack on Bitfinex and Binance underscores the paramount importance of implementing stringent security measures to safeguard cryptocurrency exchanges and users from potential malicious activities. It serves as a stark reminder for users to comprehend the features and risks associated with platforms like the XRP Ledger. Proper usage of the partial payments feature can offer flexibility and convenience, but misuse or neglect can expose users to potential losses or fraudulent activities.

Author: Jinka

Jinka is a self-trained crypto journalist, passionate about happenings in the industry.