Nintendo Shares Slide After Earnings Miss Raises Switch 2 Margin Concerns 
Instagram Outage Disrupts Thousands of U.S. Users 
AMD Shares Slide Despite Earnings Beat as Cautious Revenue Outlook Weighs on Stock 
Alphabet’s Massive AI Spending Surge Signals Confidence in Google’s Growth Engine 
Nvidia CEO Jensen Huang Says AI Investment Boom Is Just Beginning as NVDA Shares Surge 
OpenAI Expands Enterprise AI Strategy With Major Hiring Push Ahead of New Business Offering 
Nvidia Nears $20 Billion OpenAI Investment as AI Funding Race Intensifies 
SoftBank and Intel Partner to Develop Next-Generation Memory Chips for AI Data Centers 
Tencent Shares Slide After WeChat Restricts YuanBao AI Promotional Links 
Amazon Stock Rebounds After Earnings as $200B Capex Plan Sparks AI Spending Debate 
SpaceX Updates Starlink Privacy Policy to Allow AI Training as xAI Merger Talks and IPO Loom 
TSMC Eyes 3nm Chip Production in Japan with $17 Billion Kumamoto Investment 
Elon Musk’s SpaceX Acquires xAI in Historic Deal Uniting Space and Artificial Intelligence 
Jensen Huang Urges Taiwan Suppliers to Boost AI Chip Production Amid Surging Demand 
Sony Q3 Profit Jumps on Gaming and Image Sensors, Full-Year Outlook Raised 
Anthropic Eyes $350 Billion Valuation as AI Funding and Share Sale Accelerate 
A poorly designed Ethereum app led to the hacking of $20 million worth of Ether, Cointelegraph has reported. Attackers exploited the vulnerability present in a Remote Procedure Call (RPC), which allows third parties to access and interact with the data within.
The attackers exploited port 8545, where the RPC had been left enabled by developers for some reason. This allowed the hackers to compile and make off with sensitive miner and wallet information. It provided these illicit third parties with access to private keys and the chance to peek into the port owners' personal data and consequently transfer funds.
For this reason, the RPC interface is usually disabled. And even if it is open, it’s generally designed to give access to apps that are operating only locally.
It’s still unclear why the app developers enabled port 8545’s RPC – maybe they were configuring something – but it gave the hackers backdoor entry. In short, human error is likely the culprit in such a large loss yet again.
Incidentally, attention was already called to this vulnerability by Qihoo 360 Net Lab in March. During the time, an attacker got only 3.96234 worth of Ether, which was valued at about $2,000 to $3,000 then.
Netlab developers added that hackers are continuing to scan port 8545 hoping to find any other RPC interface that has been left open. With the success of this recent heist, other illicit actors will surely want to join the fray.
While this is grim news for the victims, the increase in hacking incidents will only make Ether and other cryptocurrencies resistant to this kind of attack in the future, according to some experts. Blockstar CEO Christian Ferri said that hacking incidents will always be painful for some in the short run, but will play a significant role in creating a more secure framework for the crypto industry in the future.
Indeed, vulnerabilities like this will definitely contribute to the guidelines that will govern how blockchain companies operate in order to make a habit of plugging these threats and risks. Ethereum developers and co-founder Vitalik Buterin have yet to comment on the attack.
