- The 15 billion XRP transfer to Bitfinex reported by Whale Alert never actually happened; it was part of a failed hacking attempt using a partial payments exploit.
- The hacker assumed Bitfinex had misconfigured software and would read only the inflated amount, but Bitfinex properly handles the delivered amount so the attack failed.
- The hack attempt also targeted Binance but failed; it shows exchanges need to carefully configure systems to avoid similar exploits and stay vigilant.
A supposed 15 billion XRP transaction from an unknown wallet to Bitfinex made headlines recently. However, it turns out the transfer never actually happened and was part of a failed hacking attempt.
The Story Behind the Headlines
On January 14, blockchain tracker Whale Alert highlighted a massive 256 billion XRP transaction apparently moving from an unknown wallet to Bitfinex. This enormous transfer amounted to almost half the total supply of XRP. Shortly after, Whale Alert deleted the post and clarified there had been an issue interpreting the Ripple node response.
Uncovering the Exploit Attempt
According to Bitfinex CTO Paolo Ardoino, the “transaction” was actually an attempted attack on the exchange through a partial payments exploit. The hacker likely assumed Bitfinex had misconfigured software and would only read the inflated amount field of the transaction rather than the actual delivered amount. However, Bitfinex properly handles the delivered amount field, so the attack failed.
The Aftermath
Per blockchain data, the attacker also unsuccessfully targeted Binance with a purported 589 billion XRP transfer. Bitfinex emerged unscathed from the incident. The partial payments exploit attempt serves as a reminder to exchanges to carefully configure their systems to avoid similar hacking efforts.
The reported 15 billion XRP transaction made waves in the crypto community initially, but turned out to be a non-event. Instead, it was a failed hacking attempt that demonstrated the resilience of Bitfinex’s systems against exploits. The episode illustrates the need for exchanges to stay vigilant against attacks aimed at capitalizing on potential software vulnerabilities.
