<img src="https://crypto.news/app/uploads/2023/09/crypto-news-ethereum-logo-light-green-and-white-and-black-blurry-background-v5.2.jpg” />
Lido discovered a security vulnerability in the ethereum protocol, involving the node operator InfStones.
Liquid staking solution Lido has discovered value vulnerability on its ethereum protocol in the last 24 hours, specifically involving one of its Node Operators, InfStones. This issue, initially discovered a few months ago, was formally reported to InfStones in July 2023. InfStones has since confirmed that they have resolved the issue.
The core of the concern was possible unauthorized access to root-level privileges on up to 25 validator servers. These servers, not necessarily linked to the Lido protocol, could have exposed sensitive information, including key materials, to external threats. It is not yet known whether the servers or keys connected to Lido validators were compromised.
The Lido DAO team is currently working closely with InfStones to conduct a thorough investigation into the breach. This effort is intended to determine the full scope and potential repercussions of the incident. In the context of this incident, Web3 security experts from ethereum-node-operator-infstones-platform-vulnerability-investigation-november-22-2023/6001″ target=”_blank” rel=”noopener”>Holborn We have seen a notable increase in the frequency and severity of off-chain attacks in recent times.
Experts emphasize that this latest incident underscores the need for continuous and comprehensive infrastructure auditing to preemptively identify and mitigate such vulnerabilities.
