Slowmist: exchanges may suffer loss from invalid USDT deposit
Recently, Slowmist and the 2345 Blockchain Research Laboratory observed suspicious attacks on exchanges that aim to steal USDT, which is based on the Omni protocol. The attacker maliciously constructed a false transfer by exploiting a logical defect of the protocol.
1. USDT is an asset based on the OMNI protocol, which uses Bitcoin's OP_RETURN to carry the relevant transaction data;
2. The Bitcoin blockchain itself does not verify the "authenticity" of OP_RETURN data, which can be any data;
3. Bitcoin transactions will be recognized by the Bitcoin node when the block confirmation number reaches 6.
4. So the question is, how is the USDT transaction confirmed on the OMNI node? Let’s continue to look.
They scanned the USDT transaction data in the Bitcoin blockchain and found an invalid transaction:
Omniexplorer reports the following details for the transaction:
"amount": "28.59995822",
"block": 502358,
"blocktime": 1514985094,
"confirmations": 27963,
"divisible": true,
"fee": "0.00200000",
"invalidreason": "Sender has insufficient balance",
"ismine": false,
"positioninblock": 301,
"propertyid": 31,
"propertyname": "TetherUS",
"sendingaddress": "18DmsHjHU6YM2ckFzub4pBneD8QXCXRTLR",
"type": "Simple Send",
"type_int": 0,
"valid": false, // note this
"version": 0
As the record above shows, OMNI has its own address-based accounting model, in which the balance of an address can be looked up by that address. OMNI compares the sender's current balance with the amount sent. If the balance is less than the amount to be sent, the transaction is rendered invalid due to insufficient balance and the valid field is set to false.
To sum up, a USDT transaction is valid only if at least the following 2 conditions are met:
1. The USDT tx must be constructed as a Bitcoin tx and pass Bitcoin's balance verification (BTC) and transaction rule verification;
2. It must pass verification against USDT's own balance (USDT).
In addition, according to the findings of other colleagues in the lab, transactions initiated by addresses frozen by USDT are also marked as invalid transactions.
Attack process analysis
Based on the integrated wallet transfer behavior and related technical information, it is inferred that the attack may proceed as follows:
1. Construct and initiate an invalid (false) transfer transaction to the exchange wallet;
2. Because the defective exchange lacks the necessary validity check, the invalid deposit is recorded and credited to the user's fund account at the exchange;
3. The attacker initiates the withdrawal of USDT;
4. The exchange processes the withdrawal and transfers valid USDT to the user's own wallet address;
5. In the end, the attacker loses nothing if the attempt fails, but the exchange may suffer heavy losses.
The attacker is constantly constructing invalid transactions through the following address: 16k5MgZHm2yxiKzrdeaY2vmn13xSSu5xg6
It is assumed that the attacker has profited from certain exchanges. As the scan continues, more suspected malicious wallet addresses are found.
1. The exchange should self-check its USDT processing logic, schedule corrections immediately if necessary, and check historical USDT transactions;
2. Introduce professional code auditing to improve the robustness of the code;
3. Raise developers’ basic knowledge of blockchain technology and avoid false perceptions leading to erroneous results;
4. Enhance the overall risk management process of the exchange and intercept suspected risky transactions.
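An added example (not from the original article or from any exchange's code base) of the deposit-side check that recommendation 1 implies: credit a USDT deposit only when the Omni record is flagged valid, and re-audit past credits the same way. It assumes records shaped like the Omniexplorer output above; `referenceaddress` (the recipient field in Omni Core's transaction output) does not appear in the excerpt, and the function names, txids and deposit address are hypothetical placeholders.

```python
from decimal import Decimal

USDT_PROPERTY_ID = 31      # "propertyid" of TetherUS in the record quoted above
SIMPLE_SEND = 0            # "type_int" of a Simple Send
MIN_CONFIRMATIONS = 6      # confirmation depth the article mentions


def check_deposit(tx, our_addresses, min_conf=MIN_CONFIRMATIONS):
    """Return (creditable_amount, reason); the amount is Decimal(0) when rejected."""
    zero = Decimal("0")
    # Strict identity check: a missing field or the string "true" must not pass.
    if tx.get("valid") is not True:
        return zero, "omni-invalid: " + str(tx.get("invalidreason", "no valid flag"))
    if tx.get("propertyid") != USDT_PROPERTY_ID:
        return zero, "wrong property"
    if tx.get("type_int") != SIMPLE_SEND:
        return zero, "unsupported type"
    # Assumption: "referenceaddress" carries the recipient, as in Omni Core output.
    if tx.get("referenceaddress") not in our_addresses:
        return zero, "not our address"
    if tx.get("confirmations", 0) < min_conf:
        return zero, "awaiting confirmations"
    return Decimal(tx["amount"]), "ok"


def audit_credited(ledger, omni_records, our_addresses):
    """Re-check historical credits; return txids credited without a valid transfer."""
    bad = []
    for txid, credited in ledger.items():
        amount, _ = check_deposit(omni_records.get(txid, {}), our_addresses)
        if amount != Decimal(credited):
            bad.append(txid)
    return bad


# Constructed sample data: placeholder txids and address, values modelled on the record above.
OURS = {"EXCHANGE_DEPOSIT_ADDRESS_PLACEHOLDER"}
INVALID_TX = {"amount": "28.59995822", "confirmations": 27963, "propertyid": 31,
              "type_int": 0, "valid": False,
              "invalidreason": "Sender has insufficient balance",
              "referenceaddress": "EXCHANGE_DEPOSIT_ADDRESS_PLACEHOLDER"}
VALID_TX = {k: v for k, v in INVALID_TX.items() if k != "invalidreason"}
VALID_TX["valid"] = True
RECORDS = {"TXID_A": INVALID_TX, "TXID_B": VALID_TX}
LEDGER = {"TXID_A": "28.59995822", "TXID_B": "28.59995822"}

if __name__ == "__main__":
    print(check_deposit(INVALID_TX, OURS), check_deposit(VALID_TX, OURS))
    print(audit_credited(LEDGER, RECORDS, OURS))
```

The Bitcoin confirmation count alone is not sufficient here: the invalid record above has 27963 confirmations and is still rejected because `valid` is false.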