Coinbase Bug Could Have Allowed Anyone To Give Themselves Ether For Free


Various cryptocurrency exchanges have received its fair share of justified criticism. They can potentially be high-value targets for numerous criminals; they are easily affected by tech issues, and easy to hide from the IRS. Luckily, thanks to a bug report that was revealed by VI Company, a financial security outfit, a nasty bug in the cryptocurrency system of Coinbase has been discovered and fixed. The researchers discovered that users would be able to add unlimited ether to their account in Coinbase with some steps that are simple and easily replicated.

According to a report that was published on the HackerOne website, the Dutch financial security team discovered the said flaw when it was planning to give the employees of the company some ether as a Christmas present last December.

A set of digital wallets that are making use of a smart contract could be deceived into thinking that a transfer of the ether cryptocurrency had happened when it had not. This would have enabled any customer of Coinbase to fictitiously move as much ether as they wanted into their account. Whether they could have been able to cash it out in some way is another matter. However, the bug has already been fixed by Coinbase, who also gave a $10,000 bug bounty to VI Company.