{"id":9044,"date":"2021-05-21T02:19:31","date_gmt":"2021-05-21T00:19:31","guid":{"rendered":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/?post_type=session&#038;p=9044"},"modified":"2023-05-11T03:03:53","modified_gmt":"2023-05-11T03:03:53","slug":"xrp-raid-protector-killing-a-critical-bug-worth-40-billion-dollars","status":"publish","type":"session","link":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/session\/xrp-raid-protector-killing-a-critical-bug-worth-40-billion-dollars\/","title":{"rendered":"XRP Raid Protector: Killing a Critical Bug Worth 40 Billion Dollars"},"content":{"rendered":"<p><iframe title=\"#HITB2023AMS D1T2 - XRP Raid Protector: Killing A Critical Bug Worth 40 Billion Dollars - Haoyu Yang\" width=\"800\" height=\"450\" src=\"https:\/\/www.youtube.com\/embed\/c9zZ3aMAyDs?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" allowfullscreen><\/iframe><\/p>\n<p><a href=\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/materials\/D1T2%20-%20XRP%20Raid%20Protector%20-%20Killing%20a%20Critical%20Bug%20Worth%2040%20%20Billion%20Dollars%20-%20Haoyu%20Yang.pdf\">PRESENTATION SLIDES (PDF)<\/a><\/p>\n<hr \/>\n<p style=\"text-align: justify;\">XRP token is one of the most popular cryptocurrencies in the world. It was rated 6th with a market capitalization of about 40 billion dollars among all crypto currencies. Tokens with a value of billions of dollars are being traded every single day.<\/p>\n<p style=\"text-align: justify;\">In this presentation, we\u2019ll <strong>uncover an 8-year-old P2P RCE vulnerability of XRP Ledger<\/strong> which an attacker can leverage to attack node servers of XRP Ledger in low cost and could ideally <strong>steal crypto assets from any address on XRP Ledger<\/strong>. The total value of affected crypto assets is over 40 billion dollars. This is one of the most threatening known vulnerabilities against a single type of digital currency assets.<\/p>\n<p style=\"text-align: justify;\">We\u2019ll take you dive into the vulnerability and explore the RCE exploit. Considering the decentralization feature, we\u2019ll explore different ways of gaining profits through blockchain RCE vulnerabilities. Our experiment results prove that <strong>this vulnerability allows an attacker to take control of the whole XRPL network. We\u2019ll discuss the experiment and release an attack with demo video.<\/strong><\/p>\n","protected":false},"template":"","class_list":["post-9044","session","type-session","status-publish","hentry"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.3 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>XRP Raid Protector: Killing a Critical Bug Worth 40 Billion Dollars - HITBSecConf2023 - Amsterdam<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/session\/xrp-raid-protector-killing-a-critical-bug-worth-40-billion-dollars\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"XRP Raid Protector: Killing a Critical Bug Worth 40 Billion Dollars - HITBSecConf2023 - Amsterdam\" \/>\n<meta property=\"og:description\" content=\"PRESENTATION SLIDES (PDF) XRP token is one of the most popular cryptocurrencies in the world. It was rated 6th with a market capitalization of about 40 billion dollars among all crypto currencies. Tokens with a value of billions of dollars are being traded every single day. In this presentation, we\u2019ll uncover an 8-year-old P2P RCE [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/session\/xrp-raid-protector-killing-a-critical-bug-worth-40-billion-dollars\/\" \/>\n<meta property=\"og:site_name\" content=\"HITBSecConf2023 - Amsterdam\" \/>\n<meta property=\"article:modified_time\" content=\"2023-05-11T03:03:53+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"1 minute\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/session\/xrp-raid-protector-killing-a-critical-bug-worth-40-billion-dollars\/\",\"url\":\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/session\/xrp-raid-protector-killing-a-critical-bug-worth-40-billion-dollars\/\",\"name\":\"XRP Raid Protector: Killing a Critical Bug Worth 40 Billion Dollars - HITBSecConf2023 - Amsterdam\",\"isPartOf\":{\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/#website\"},\"datePublished\":\"2021-05-21T00:19:31+00:00\",\"dateModified\":\"2023-05-11T03:03:53+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/session\/xrp-raid-protector-killing-a-critical-bug-worth-40-billion-dollars\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/session\/xrp-raid-protector-killing-a-critical-bug-worth-40-billion-dollars\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/session\/xrp-raid-protector-killing-a-critical-bug-worth-40-billion-dollars\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Session\",\"item\":\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/session\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"XRP Raid Protector: Killing a Critical Bug Worth 40 Billion Dollars\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/#website\",\"url\":\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/\",\"name\":\"HITBSecConf2023 - Amsterdam\",\"description\":\"#HITB2021AMS\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"XRP Raid Protector: Killing a Critical Bug Worth 40 Billion Dollars - HITBSecConf2023 - Amsterdam","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/session\/xrp-raid-protector-killing-a-critical-bug-worth-40-billion-dollars\/","og_locale":"en_US","og_type":"article","og_title":"XRP Raid Protector: Killing a Critical Bug Worth 40 Billion Dollars - HITBSecConf2023 - Amsterdam","og_description":"PRESENTATION SLIDES (PDF) XRP token is one of the most popular cryptocurrencies in the world. It was rated 6th with a market capitalization of about 40 billion dollars among all crypto currencies. Tokens with a value of billions of dollars are being traded every single day. In this presentation, we\u2019ll uncover an 8-year-old P2P RCE [&hellip;]","og_url":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/session\/xrp-raid-protector-killing-a-critical-bug-worth-40-billion-dollars\/","og_site_name":"HITBSecConf2023 - Amsterdam","article_modified_time":"2023-05-11T03:03:53+00:00","twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"1 minute"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/session\/xrp-raid-protector-killing-a-critical-bug-worth-40-billion-dollars\/","url":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/session\/xrp-raid-protector-killing-a-critical-bug-worth-40-billion-dollars\/","name":"XRP Raid Protector: Killing a Critical Bug Worth 40 Billion Dollars - HITBSecConf2023 - Amsterdam","isPartOf":{"@id":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/#website"},"datePublished":"2021-05-21T00:19:31+00:00","dateModified":"2023-05-11T03:03:53+00:00","breadcrumb":{"@id":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/session\/xrp-raid-protector-killing-a-critical-bug-worth-40-billion-dollars\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/conference.hitb.org\/hitbsecconf2023ams\/session\/xrp-raid-protector-killing-a-critical-bug-worth-40-billion-dollars\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/session\/xrp-raid-protector-killing-a-critical-bug-worth-40-billion-dollars\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/"},{"@type":"ListItem","position":2,"name":"Session","item":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/session\/"},{"@type":"ListItem","position":3,"name":"XRP Raid Protector: Killing a Critical Bug Worth 40 Billion Dollars"}]},{"@type":"WebSite","@id":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/#website","url":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/","name":"HITBSecConf2023 - Amsterdam","description":"#HITB2021AMS","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/wp-json\/wp\/v2\/session\/9044"}],"collection":[{"href":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/wp-json\/wp\/v2\/session"}],"about":[{"href":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/wp-json\/wp\/v2\/types\/session"}],"wp:attachment":[{"href":"https:\/\/conference.hitb.org\/hitbsecconf2023ams\/wp-json\/wp\/v2\/media?parent=9044"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}