Verichains researchers reported a new vulnerability in wallets that use the MPC protocol. The company says this in its report.
Experts uncovered a critical flaw in the threshold signature (TSS) scheme, which could potentially allow attackers to obtain the private key.
A study conducted since October 2022 found that nearly all multisignature wallets are vulnerable to this vulnerability. According to experts, about $8 billion is stored on them.
The company noted that such a method of hacking leaves no traces, making it difficult to identify the hacker.
Additionally, addresses using the ECDSA algorithm are at risk.
Analysts did not name services potentially vulnerable to attacks. However, Verichains has already warned of the danger ‘a number of affiliated providers’.
“Verichains is firmly committed to responsible disclosure of vulnerabilities. We exercise caution and deliberate steps in disclosing attacks, especially given the broad range of affected projects and user funds at risk,” added Thanh Nguyen, co-founder of the company.
The company urged crypto platforms to prioritise the implementation of robust security measures and to consult with experts on this matter.
Earlier, Verichains reported about several critical vulnerabilities in the widely used consensus-confirmation mechanism based on the AVL-tree from the Tendermint Core protocol.
Earlier in March, Fireblocks revealed details of the exploit in BitGo’s wallets.