The Nanex crypto exchange, based on the Nano cryptocurrency, lost some of its funds due to a vulnerability in the Haven Protocol (XHV) wallet. This is written by Cryptovest.
Please note that we are working on finding potential solutions for the victims of the recent attack that lost XHV, regardless of the success of the law enforcement operation to restore stolen funds. If all the other options do not succeed, we will probably begin to allocate trade commissions for reimbursement.
The Nanex team stated that it had not been notified by Haven Protocol representatives that there was a vulnerability in the wallet borrowed from Monero, on the basis of which XHV was created.
In its blog Nanex writes:
“In the afternoon, Nanex monitoring systems recorded errors in the output of XHV. As a result of the investigation, it was found that the XHV wallet software reported an insufficient balance, despite the successful passage of all our internal checks.”
The last time Nanex updated the purse of the Haven Protocol on June 7 in connection with the planned hard fork. However, the Exchange team was not aware of another update designed to eliminate the vulnerability that migrated to the code base of cryptocurrency from Monero.
“Unfortunately, the Haven Protocol team made only one announcement in its Discord, which belonged to another exchange, and did not contact us directly regarding the update of the wallet. According to our requirements, teams of all coins that get on our stock exchange should directly inform us of any updates, especially if they concern vulnerabilities,” writes Nanex.
The exchange also did not find this vulnerability in other Montero-based cryptocurrencies, because at the time Monero was added to its listing, the vulnerability in the original cryptocurrency code had already been eliminated.
After discovering the vulnerability, Nanex immediately stopped trading the Haven Protocol. According to preliminary estimates, the amount of damage was $ 36,541.12 at the rate of XHV at the time of the break-in.