Casper Network Uref Bypass Wallet Draining

From Quadriga Initiative Cryptocurrency Hacks, Scams, and Frauds Repository
Revision as of 13:56, 25 October 2024 by Azoundria


Notice: This page contains sources which are not attributed to any text. The unattributed sources follow the initial description.


Casper Network is a proof-of-stake network with finality and a limited number of validators. Late on July 25th, a vulnerability began to be exploited, allowing a total of 13 wallets to be drained. The team behind Casper Network was ultimately able to block finality on the network and perform an upgrade to resolve the original issue. However, it is unclear what is being done to compensate users who were affected by the exploit.[1][2][3][4][5][6][7][8][9][10][11][12][13][14][15][16][17]

About Casper Network

"Instant Finality public blockchain Casper offers instant finality, while keeping transaction costs low, and being easy to build on."

"Casper is a new Turing-complete smart-contracting platform, backed by a Proof-of-Stake (PoS) consensus algorithm and WebAssembly (Wasm). The network is a permissionless, decentralized, public blockchain."

"The Casper Network was built based on the energy-efficient, proof-of-stake CBC Casper specifications, providing the scale, industry-leading security, and predictable cost-effective gas model to deliver the new standard for AI Governance.

Casper Labs has been chosen by IBM for a groundbreaking solution aimed at enhancing the transparency and auditability of AI systems. The solution combines IBM’s watsonx.ai and leverages the Casper Network for managing, monitoring, and sharing AI data.

Casper is the ideal platform for managing AI data. It provides certified, tamper-proof, transparent, secure, and auditable data, building trust in generative AI."

The Reality

This section is included if a case involved deception or information that was unknown at the time. Examples include:

  • When the service was actually started (if different than the "official story").
  • Who actually ran a service and their own personal history.
  • How the service was structured behind the scenes. (For example, there was no "trading bot".)
  • Details of what audits reported and how vulnerabilities were missed during auditing.

What Happened

"On July 26, 2024, Casper Network was attacked."

Key Event Timeline - Casper Network Uref Bypass Wallet Draining

| Date | Event | Description |
|---|---|---|
| July 25th, 2024 11:00:00 PM MDT | Team Aware Of Vulnerability | The time at which the Casper Network team reportedly became aware of the vulnerability issue on the Casper Network. TBD - When actual vulnerability happened. |
| July 26th, 2024 4:54:00 AM MDT | Security Video Posted | A video is posted which features Matthew Doty, a Research Fellow at the Casper Association, discussing 'Building Secure Blockchain Solutions at Casper'. |
| July 26th, 2024 7:00:00 AM MDT | Root Cause Determined | The Casper Network identifies the root cause of the exploit on their network. |
| July 27th, 2024 1:50:00 AM MDT | Casper Network Consensus Halt | The Casper Network consensus mechanism is halted to prevent potential damage to additional accounts. |
| July 27th, 2024 4:31:00 AM MDT | Casper Network Announcement | The Casper Network tweets to announce that they have |
| July 27th, 2024 11:33:00 AM MDT | Minor Situation Update | The Casper Network tweets to notify their community that they continue to work on a resolution of the issue. |
| July 28th, 2024 8:28:00 AM MDT | Minor Situation Update | The Casper Network again tweets to notify their community that they continue to work on a resolution of the issue. |
| July 28th, 2024 11:30:00 AM MDT | Situation Limited To Wallets | "At this point, on 28 July 2024 at 17:30 UTC, the Casper Association is confident that the extent of the security breach is limited to under 15 accounts. All unauthorized transfers have been traced by Casper and related parties." |
| July 29th, 2024 3:18:00 AM MDT | Security Breach Tweet Posted | "On July 26, 2024, a security breach on the Casper blockchain was detected. Casper Team/Community performed immediate actions including halting consensus and developing a patch." |
| July 29th, 2024 4:39:00 PM MDT | Significant Progress Report | The Casper Network team reports that they have been working diligently and making significant progress on resolving the exploit. |
| July 30th, 2024 3:18:00 AM MDT | Event Rescheduled | A tweet notes that a developer event has been rescheduled, likely due to the exploit. |
| July 30th, 2024 11:12:00 AM MDT | Casper Network Update | Casper Network provides an update |
| July 30th, 2024 4:10:00 PM MDT | Casper Network Update | "Casper Validators are meeting on Wednesday 31 July 2024 at 1400 UTC. In that meeting details of the upgrade will be provided. Once the validators accept the upgrade, they will then immediately resume consensus and minting of blocks" |

Technical Details

"Casper Network discovered that malicious actors exploited a vulnerability that allowed a contract installer to bypass access rights checks on urefs, enabling them to grant the contract access to uref-based resources. This privilege escalation facilitated unauthorized access, including the ability to transfer tokens."
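
The class of check the quote refers to, as an added example that is not from the original page or from Casper's code base: a simplified Rust model of an install-time capability check on urefs, beside the unchecked shape the quote describes. All type and function names, the rights bitmask and the sample addresses are assumptions made for illustration.

```rust
use std::collections::HashMap;

// Simplified model for illustration; every name here is hypothetical, not Casper's API.
const READ: u8 = 0b001;
const WRITE: u8 = 0b010;
const ADD: u8 = 0b100;

#[derive(Clone, Copy, Debug, PartialEq)]
struct URef { addr: u32, rights: u8 }

/// Rights a party actually holds, keyed by resource address.
type Held = HashMap<u32, u8>;

#[derive(Debug, PartialEq)]
enum InstallError {
    ForgedURef(u32),
    RightsEscalation { addr: u32, held: u8, asked: u8 },
}

/// A uref is acceptable only if the caller holds that address with at least the rights asked for.
fn validate(held: &Held, u: URef) -> Result<(), InstallError> {
    match held.get(&u.addr) {
        None => Err(InstallError::ForgedURef(u.addr)),
        Some(&h) if (u.rights & !h) != 0 =>
            Err(InstallError::RightsEscalation { addr: u.addr, held: h, asked: u.rights }),
        Some(_) => Ok(()),
    }
}

/// Install-time gate: every uref handed to the new contract is validated against the
/// installer's own capabilities; returns the capability set the contract receives.
fn install_checked(held: &Held, requested: &[URef]) -> Result<Held, InstallError> {
    let mut granted = Held::new();
    for &u in requested {
        validate(held, u)?;
        *granted.entry(u.addr).or_insert(0) |= u.rights;
    }
    Ok(granted)
}

/// The flawed shape: urefs are accepted as given, so the contract ends up holding
/// rights its installer never had.
fn install_unchecked(requested: &[URef]) -> Held {
    let mut granted = Held::new();
    for u in requested { *granted.entry(u.addr).or_insert(0) |= u.rights; }
    granted
}
fn main() {
    let held: Held = HashMap::from([(1, READ | WRITE | ADD), (2, READ)]);
    let own = URef { addr: 1, rights: READ | WRITE };
    let foreign = URef { addr: 99, rights: READ | WRITE | ADD }; // constructed: never held by caller
    println!("checked:   {:?}", install_checked(&held, &[own, foreign]));
    println!("unchecked: {:?}", install_unchecked(&[own, foreign]));
}
```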

Total Amount Lost

"According to the preliminary report released by Casper Network on July 31, 13 wallets were affected in this incident. The total amount of illicit transactions is estimated to be around $6.7 million."

The total amount lost has been estimated at $6,700,000 USD.

Immediate Reactions

"Following the attack, Casper Network tweeted that they had worked with validators to pause the network in order to minimize the impact of the security vulnerability until it could be patched."

"Following the analysis on Friday 26 July 2024, the Casper team and partners involved started to develop a patch for the problem. It was established at that time that a limited number of accounts had been targeted to obtain CSPR without proper authorization from the owners of those accounts."

Ultimate Outcome

"In the early morning hours (CET) on Saturday 27 July 2024 it became clear that tracing and recovering those misappropriated funds may become difficult without immediately preventing further dispersion.

A subset of validators joined in coordination to halt the consensus and block production to enable a patch to be thoroughly tested before staging an update to the Casper blockchain. Consensus was halted on 27 July 2024 at 07:50 UTC."

Total Amount Recovered

There do not appear to have been any funds recovered in this case.


Ongoing Developments

"The Casper Association and parties affected by this incident will conduct a thorough investigation, including working with proper authorities to recover any funds which may have been transferred without proper authorization."

Individual Prevention Policies

No specific policies for individual prevention have yet been identified in this case.

For the full list of how to protect your funds as an individual, check our Prevention Policies for Individuals guide.

Platform Prevention Policies

Policies for platforms to take to prevent this situation have not yet been selected in this case.

For the full list of how to protect your funds as a financial service, check our Prevention Policies for Platforms guide.

Regulatory Prevention Policies

No specific regulatory policies have yet been identified in this case.

For the full list of regulatory policies that can prevent loss, check our Prevention Policies for Regulators guide.

References

  1. SlowMist Hacked - SlowMist Zone (Accessed Aug 8, 2024)
  2. Casper Network (Accessed Aug 16, 2024)
  3. Casper Network (Accessed Aug 16, 2024)
  4. Casper Network (Accessed Aug 16, 2024)
  5. What is Casper? | Casper (Accessed Aug 16, 2024)
  6. @Casper_Network Twitter (Accessed Aug 16, 2024)
  7. @Casper_Network Twitter (Accessed Aug 16, 2024)
  8. @Casper_Network Twitter (Accessed Aug 16, 2024)
  9. @Casper_Network Twitter (Accessed Aug 16, 2024)
  10. @Casper_Network Twitter (Accessed Aug 16, 2024)
  11. @Casper_Network Twitter (Accessed Aug 16, 2024)
  12. @Casper_Network Twitter (Accessed Aug 16, 2024)
  13. @Casper_Network Twitter (Accessed Aug 16, 2024)
  14. - YouTube (Accessed Aug 16, 2024)
  15. https://cointelegraph.com/news/casper-network-halts-operations-security-breach (Accessed Aug 16, 2024)
  16. Alert : Casper Network Became Victim to a Crypto Hack! (Accessed Aug 16, 2024)
  17. Due to blockchain hacking, the Casper cryptocurrency rate collapsed by 14% (Accessed Aug 16, 2024)