What appeared to be a large transfer of XRP was later tied to a bad actor attempting to hack into crypto exchange Bitfinex.
According to Bifinex CTO and Tether CEO Paolo Ardoino, an unknown entity attempted to use the XRP Ledger’s “partial payment” feature, which allows users to send less than the specified amount in a transfer, to attack the exchange.
The hack attempt flagged whale-watching service Whale Alert’s systems, which sent out a now-deleted reporting that nearly half the entire XRP supply was sent in one single transfer.
Ardoino,
“Someone attempted to attack Bitfinex via ‘Partial Payments Exploit.’ [The] attack failed since Bitfinex properly handles ‘delivered_amount’ data field.”
A partial payments exploit attempt hopes that the receiver only reads the “amount” field instead of also looking at the “delivered” field, and then confirms the entire transaction and becomes forced to return the difference to the sender in credit. However, as Ardoino notes, BItfinex’s systems are properly configured to handle such exploit attempts on the XRPL.
Responding to Whale Alert’s flagging of the massive false transaction, cryptographer and former Ripple Labs executive Nik Bougalis explained the exploit attempt in more detail.
“This tweet is misleading. The transaction in question did not transfer 25B XRP.
The Whale Alert code is misunderstanding what this transaction did and, as a result, it is misreporting.
It’s a partial payment, and in reality moved just a few cents.”
