Lido discloses a security incident involving Ethereum node operator Numic, which did not affect user funds

2024-05-21 19:15:56
Collection

ChainCatcher message, Lido released a disclosure regarding the security incident involving Ethereum node operator Numic. On May 14, Lido DAO contributors became aware of a security vulnerability that affected active node operators using Lido on the Ethereum protocol (Numic).

The security vulnerability occurred a few days ago, affecting a developer's machine that had access to the backup of the mainnet validator's cryptographic key materials. It is currently unclear whether the encrypted key materials were accessed, copied, or otherwise manipulated, nor is it known whether the decryption materials for that data were discovered or if the encryption was compromised.

In response to the identification that the encrypted backup may have been accessed, and for security reasons, the node operators decided to: set the deposit keys associated with the Lido protocol to zero to avoid receiving any further deposits; and to voluntarily exit all potentially affected keys in a staggered manner over the next few days.

As of a few hours ago, all operators' validators have exited (and fully withdrawn). This incident did not affect the operation of the validators, nor did it impact user funds.

ChainCatcher reminds readers to view blockchain rationally, enhance risk awareness, and be cautious of various virtual token issuances and speculations. All content on this site is solely market information or related party opinions, and does not constitute any form of investment advice. If you find sensitive information in the content, please click "Report", and we will handle it promptly.
ChainCatcher Building the Web3 world with innovators