The Casper network recently faced a setback when it was attacked on 26 July, resulting in illicit transactions totaling $6.7 million. However, the core team behind the blockchain quickly identified the issue, provided a fix, and manually updated validators to address the vulnerability. They also conducted a thorough scan of the entire chain to identify and remove any illicit transactions from the genesis block.
Fortunately, the efforts paid off, and Casper has now resumed operations with consensus being restored, and network transactions are once again being validated. The team expressed their gratitude for the decentralized effort that involved validators, engineers, and other parties in resolving the security incident.
According to a report published by Casper, the incident was detected on 26 July 2024, and the root cause was identified later that day. A subset of validators agreed to pause consensus on 27 July 2024 to address the issue. It was found that the attackers exploited a vulnerability that allowed them to bypass access rights checks and gain unauthorized access to uref based resources, enabling them to transfer tokens illicitly.
Following the pause, 64 Casper validators representing 85% of the CSPR tokens staked in the network unanimously agreed to restart operations after updating their nodes with the patch provided by the Casper team. This patch included a new Casper-node binary and configuration files to enhance security measures.
As the network resumed operations, two blocks containing four transactions related to the attack were orphaned to mitigate their impact on the network. A total of 13 wallets were affected by the attack, but the Casper team ensured that they were compensated for any losses resulting from the breach.
Overall, the incident highlighted the importance of swift detection and response to security threats in the blockchain space. Casper’s proactive approach in addressing the attack and involving key stakeholders in the resolution process demonstrates their commitment to maintaining the integrity and security of the network. Moving forward, continuous monitoring and updates will be essential to prevent similar incidents and safeguard the network against potential threats.