- Tree of Alpha hacker discovered a bug in Coinbase Advanced Trading Beta
- An error allowed him to change the currency account in the BTC/USD pair on SHIBA
- In theory such an exploit could lead to billions in losses
- The hacker received a reward of 100 thousand dollars for the information received
Anonymous white hat hacker Tree of Alpha discovered a bug in the beta version of Coinbase Advanced Trading. For the honest disclosure of the exploit, he received a reward in the amount of 100 thousand dollars.
In contrast to the usual user interface, the Advanced Trading platform allows you to use advanced trading tools. But, apparently, Coinbase has yet to finalize it.
Tree of Alpha hacker discovered a critical vulnerability that could cost the portal billions in losses. He used an exploit to change the source of payment in currency orders.
So, for example, he could place a BTC/USD order at 02 bitcoins by manually setting the source of redemption to an account with SHIBA (the value of the “coin” is 0,000026 dollars). Changes are made through the platform’s API.
If a hacker were to exploit this vulnerability, they would disrupt the entire market. However, Tree of Alpha did not abuse the discovered bug, contacting Coinbase to fix the problem.
The hacker confirmed on his Twitter page that he received an award for this at 100 one thousand dollars. In fact, this is the largest payout for a found exploit in the history of the company.
Now the bug has already been fixed. There is no data on victims of the vulnerability. Apparently, the “hole” was patched up before the image of the trading platform was “tarnished”. We previously reported that Coinbase has ambitious plans for the coming year. The company said it is opening an additional 2,000 positions in product development, engineering and design.
