Just few hours ago one of the reddit poster by name belite posted on https://www.reddit.com/r/Bitcoin/ a elaborated post regarding this issue. This first started when one of the chinese private cybersecurity firm https://twitter.com/SlowMist_Team tweeted this USDT transaction;
with the text (obviously translated one);
The exchange in the USDT recharge transactions to confirm the success of a logical flaw in the transaction details on the block chain valid field value is true, resulting in "pretend value", the user has not lost any USDT but successfully recharge the exchange USDT, and these usdt can be normal transactions. We have confirmed that the real attack happened! The relevant exchange should suspend USDT recharge function as soon as possible, and self-examination code whether there is this logic flaw.
What we can conclude from here :
- One of the exchange platform is accepting double spent USDT transaction without validating the transaction but we don't know which exchange have that fault.
- Its exchange related fault and doesn't have anything to do with USDT network
Omnilayer founder quickly replied to that tweet :
Only one exchange OKEx came froward and posted https://support.okex.com/hc/en-us/articles/360006305532
Dear valued customers,
We are aware of the vulnerability with USDT deposit. And we confirm that OKEx is NOT exposed to the vulnerability. Please rest assured that your assets are safe and secure with us.
This mean one or more than one exchange out there have this vulnerability and under attack. This is the reason why we should only trade in exchanges that has reputation and tight security measures.