Security firm discovers $500M vulnerability in Tron multisig accounts

A research team at dWallet Labs has discovered a zero-day vulnerability in Tron multisig accounts, allowing an attacker to bypass the multisignature mechanism and sign transactions with a single signature.

In a technical breakdown post, the research team said the vulnerability could have impacted $500 million in assets held in Tron multisig accounts. This is because it allows any signer to “completely overcome the multisig security offered by TRON.”

0d, our superstar cybersecurity research team, discovered a vulnerability in TRON multisig accounts putting over $500M of digital assets at risk – it was disclosed and fixed so there are no user assets at risk now.

A technical breakdown:

Cointelegraph reached out to Tron for comments but did not receive a response.

In other news, another decentralized finance protocol recently suffered a $7.5 million exploit. On May 28, blockchain security firm PeckShield reported that Arbitrum-based Jimbos Protocol was hacked, resulting in the loss of 4,000 Ether (ETH).

Magazine: US and China try to crush Binance, SBF’s $40M bribe claim