Aptos Patches Critical Bug That Could Have Put Up to $70 Billion in Digital Assets at Risk

AI Market Summary
Aptos disclosed and patched a critical Move VM "stale cache" type-confusion vulnerability that whitehats report could have enabled high-success exploitation without insider access, potentially impacting assets via stablecoins and cross-chain bridges. No funds were lost, but the episode highlights latent smart-contract execution risk and may raise near-term risk premia and scrutiny on Move-based security assumptions across Aptos-related ecosystems.
Impact level
● Medium
Affected assets
APT/USDT-2.88%
AI Insight · APT/USDTAI Insight
● Neutral
Trade now
⚠️ AI-generated insights are based on news content and are provided for informational purposes only. They do not constitute investment advice or represent the views of BingX. Investing involves risk. Please trade responsibly.
Huo Xing Cai Jing, citing CoinDesk, reported that whitehat researchers at security firm Hexens uncovered and responsibly disclosed a serious vulnerability in the Aptos blockchain that has now been fixed. If abused, the issue could have subjected as much as $70 billion in digital assets to systemic risk, including stablecoins and cross-chain bridges. Hexens said it alerted the Aptos development team in late February to a critical flaw in the Move virtual machine, the environment that executes on-chain smart contracts. The bug was described as a "stale cache vulnerability" that could trigger a type-confusion condition, allowing software to misidentify one on-chain resource as another. In testing on a live network setup, the researchers reported a success rate above 90%. They said the simulation used well-configured servers costing about $3,000 to emulate roughly one-third of the validator network, and did not require insider access or special privileges. Aptos applied a patch immediately after disclosure and reported no loss of funds.