• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
critical flaw reported in move virtual machine powering the aptos

Critical Flaw Reported in Move Virtual Machine Powering the Aptos Blockchain Network

You are here: Home / General Cyber Security News / Critical Flaw Reported in Move Virtual Machine Powering the Aptos Blockchain Network
October 22, 2022

Scientists have disclosed particulars about a now-patched critical flaw in the Go digital device that powers the Aptos blockchain network.

The vulnerability “can induce Aptos nodes to crash and bring about denial of service,” Singapore-primarily based Numen Cyber Labs reported in a technological generate-up published earlier this month.

Aptos is a new entrant to the blockchain area, which released its mainnet on Oct 17, 2022. It has its roots in the Diem stablecoin payment process proposed by Meta (née Fb), which also released a small-lived electronic wallet termed Novi.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


CyberSecurity

The network is crafted employing a system-agnostic programming language known as Move, a Rust-based program that’s designed to carry out and execute smart contracts in a safe runtime environment, also acknowledged as the Shift Virtual Machine (aka MoveVM).

The vulnerability discovered by Numen Cyber Labs is rooted in the Shift language’s verification module (“stack_utilization_verifier.rs”), a component that validates the bytecode recommendations prior to its execution in MoveVM.

CyberSecurity

Precisely, it relates to an integer overflow vulnerability in the stack-primarily based Web3 programming language that could outcome in undefined habits and therefore crashes.

“Due to the fact this vulnerability takes place in the Go execution module, for nodes on the chain, if the bytecode code is executed, it will bring about a [Denial-of-Service] attack,” the cybersecurity organization described.

“In significant cases, the Aptos network can be entirely stopped, which will trigger incalculable problems, and have a severe impact on the stability of the node.”

Located this report appealing? Observe THN on Facebook, Twitter  and LinkedIn to examine a lot more special articles we submit.


Some components of this short article are sourced from:
thehackernews.com

Previous Post: «Cyber Security News New Phishing Campaign Targets Saudi Government Service Portal
Next Post: The sooner the FIDO Alliance can shut down passwords, the better the sooner the fido alliance can shut down passwords, the»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Cybercriminals Using New ASMCrypt Malware Loader Flying Under the Radar
  • Lazarus Group Impersonates Recruiter from Meta to Target Spanish Aerospace Firm
  • Post-Quantum Cryptography: Finally Real in Consumer Apps?
  • Microsoft’s AI-Powered Bing Chat Ads May Lead Users to Malware-Distributing Sites
  • Progress Software Releases Urgent Hotfixes for Multiple Security Flaws in WS_FTP Server
  • Cisco Warns of Vulnerability in IOS and IOS XE Software After Exploitation Attempts
  • GitHub Repositories Hit by Password-Stealing Commits Disguised as Dependabot Contributions
  • China’s BlackTech Hacking Group Exploited Routers to Target U.S. and Japanese Companies
  • The Dark Side of Browser Isolation – and the Next Generation Browser Security Technologies
  • China-Linked Budworm Targeting Middle Eastern Telco and Asian Government Agencies

Copyright © TheCyberSecurity.News, All Rights Reserved.