Bitcoin Funds May Have Disappeared As Lightning Network Flaw ‘Exploited in the Wild’
A Lightning Labs developer has publicly acknowledged that a bug plaguing the Bitcoin Lightning Network has been “exploited in the wild.”
Olaoluwa Osuntokun, the chief technical officer at Lightning Labs, told developers in a mailing list that multiple Lightning node versions needed updates to prevent vulnerability.
“We’ve confirmed instances of the CVE being exploited in the wild. If you’re not on the following versions of either of these implementations (these versions are fully patched), then you need to upgrade now to avoid risk of funds loss:
* lnd v0.7.1 — anything 0.7 and below is vulnerable
* c-lightning v0.7.1 — anything 0.7 and below is vulnerable
* eclair v0.3.1 — anything 0.3 and below is vulnerable
We’d also like to remind the community that we still have limits in place on the network to mitigate widespread funds loss, and please keep that in mind when putting funds onto the network at this early stage.”
Osuntokun encourages users to reach out to the developers of those respective implementations if they have any trouble updating.
Last month, an Australian coder revealed the significant security flaw in the layer 2 scaling solution, which is designed to boost the speed and lower the cost of Bitcoin transactions.
Meanwhile, the total capacity of the network – which is one metric indicating its level of adoption – has declined from 1,098 BTC on May 10th to its current number of 834.335 BTC, according to Bitcoin Visuals.