
/biz/ - Business & Finance


File: 9 KB, 758x177, exploit.png
No.21428626

Watch out anons, there's a super nasty HW wallet exploit that blackhats are actively using to drain wallets of LINK tokens.

Pic related

>> No.21428675

I'm fucking sweating right now, lost 4000 LINK on one of my hardware wallets

Trying to transfer everything off the other two before it's too late

>> No.21428680

>>21428626
Holy shit..they are selling the exploits on deepweb too. This is really bad bros

>> No.21428718
File: 72 KB, 600x600, 1561348730279.jpg

>What is this exploit?
There's a security layer in LINK's source code that deals with storage ticks. Basically, even in cold storage where they're untouched, there's a cache protocol that will occasionally ping public wallet addresses to verify their contents. Unfortunately, LINK has a slightly different version of this protocol in order to make micro-pings for staking purposes. Most staking rewards are going to be really small transfers, so the LINK devs lowered the tick rate for these pings. However, if you're using a hardware wallet, your storage is operating at the NORMAL tick rate, creating a cache gap where someone can use an SLQ% injection to gain access to your wallet. There have already been many posts of Anons opening up their wallets to find all their tokens transferred out to mysterious addresses, losing tens if not hundreds of thousands of dollars.

>Does this affect other tokens in my hardware wallet?
No, as this isn't a vulnerability with the wallet so much as Chainlink specifically. Other tokens, even on wallets that have been affected by the exploit, are safe.

>I haven't touched my wallet in years! Can someone really randomly gain access and steal my LINK?
Sadly, yes. This affects PUBLIC addresses, and these are most likely being chosen at random.

>I have my LINK on a hardware wallet! What do I do?
Either transfer them to a paper wallet (safest), an exchange, or trade for fiat.

>Can this be patched?
Yes, but it will take time. This isn't something that can be done in one week, as it's tied to the security layers focused on staking. These have to be rewritten very cautiously, else other major functions of the LINK source code can break.

>> No.21428719

>>21428626
link to that thread op?

>> No.21428741

>>21428626
this is not real

>> No.21428743

>>21428719
No can do. This site encodes the user's IP into the URL to identify leaks. Sorry.

>> No.21428751

>>21428680
Thanks, just bought 100k exploits

>> No.21428774

>>21428626
>Phil mabags
>Fill by bags
God us linkies sure are bored as shit waiting for the singularity aren't we?

>> No.21428778
File: 437 KB, 2029x2048, 1591667402972.jpg

>>21428626
>Phil Mabags

>> No.21428819
File: 124 KB, 680x680, 56453546.png

>>21428626
This is not true.

>> No.21428834

>>21428743
lying sack of shit lol.

>> No.21428871

Holy fuck HOLYFUCK what the fuck are we gonna DO?

>> No.21428882

>>21428743
You could've sent a tor link leading to a cp central site instead you do this low effort shit 0/10 made me reply

>> No.21428890
File: 349 KB, 600x477, EA24DC46-272F-4E45-B740-632DB6642D25.jpg

>>21428778

>> No.21428892

Fuck, I'm devastated, just lost 100k links recently because of that shit, probably they're going to target Sergey or another Link Whale wallet. And dump this shit to 1$ or less, gtfo of this bugged shit

>> No.21428903

>>21428882
Why would I send people I care about to a dangerous website?