"Polygon Bug Put $23 Billion in Cryptocurrency at Risk"

On December 3, white hat hackers at the bug bounty platform Immunefi discovered a vulnerability in Polygon, a framework used to build Ethereum-compatible blockchain networks. The bug would have put 9,276,584,332 MATIC, worth almost $23 billion, at risk. MATIC is the cryptocurrency of the Polygon network. With help from Immunefi, Polygon's core development team was able to fix the critical network vulnerability. It was found in the network's proof-of-stake genesis contract. Before the Polygon team addressed it, a malicious hacker exploited the bug to steal about 801,601 MATIC, worth nearly $2 million at the time. According to Immunefi, the vulnerability stemmed from a lack of balance/allowance checks in the transfer function of Polygon's MRC20 contract. An attacker would have been able to steal all available MATIC from that contract by exploiting the bug. Polygon paid the two white hat hackers who discovered the vulnerability a total bounty of $3.46 million. This article continues to discuss the Polygon bug that put $23 billion worth of MATIC at risk and concerns surrounding how Polygon addressed the vulnerability. 

BankInfoSecurity reports "Polygon Bug Put $23 Billion in Cryptocurrency at Risk"