TechFlow News: On March 16, white-hat hacker f4lc0n discovered a critical vulnerability on the Injective blockchain, exposing over $500 million in assets to risk. The vulnerability allowed any user to directly drain any account on the chain. After reporting the issue via Immunefi, the Injective team deployed a mainnet upgrade to fix it the following day. However, they remained silent for three months and ultimately offered only a $50,000 bounty—far below the $500,000 maximum stipulated for critical vulnerabilities under their bug bounty program. To date, this bounty remains unpaid, and f4lc0n’s objections have received no response or explanation.
Add to Favorites
Share to Social Media
