Virtuals Protocol (VIRTUAL) Crashes After Ignoring Reported Security Vulnerability

Virtuals Protocol (VIRTUAL) a top performer this week, navigating the artificial intelligence (AI) crypto boom, is now crashing. The sudden bearish reversal happens as a blockchain security researcher exposed a reported security vulnerability that the Virtuals team ignored.

Top AI crypto this week, Virtuals Protocol (VIRTUAL) is crashing after a blockchain security researcher highlighted a reported security vulnerability that was ignored by the Virtuals team.

As precisely explained, jinu (@lj1nu) took to X between January 2 and 3 to publicly report a security vulnerability he found during a “quick look” at the Virtuals Protocol code. However, the public report was only prompted after jinu’s private reporting via the team’s Discord server went unnoticed.

“They [Virtuals] are said to have been audited, but when I contacted them, the team said they weren’t running a bug bounty. And they closed the discord channel I created to report the vulnerability.”

This is not the ideal or standard way to handle a reported threat, especially in open-source software, sparking concerns and raising red flags. “I’m surprised that a project as big and hot as @virtuals_io doesn’t care about security,” concluded the researcher.

Top AI crypto Virtuals Protocol’s security vulnerability explained

Interestingly, another security expert, 33Audits (@solidityauditor) revealed that he and “a few others” tried to report the same issue earlier, only to get “booted” from both the Discord and Telegram official servers.

tried to report this along with a few others and they booted me from the discord and stopped answering on tg. they don’t give af

Yet, in a follow-up comment, jinu highlighted that the Virtuals team swiftly patched the reported security vulnerability following his post’s success. The expert shared the now-fixed source code and the new contract address, which is now supposedly secured. “They patched it very quickly,” he added.

In essence, the vulnerability allowed attackers to predict and create a Uniswap V2 token pair before Virtuals did, which could prevent the protocol from properly launching new tokens.

If someone else creates the pair first, Virtuals can’t proceed with the launch after reaching a certain price-threshold in the platform. The token creation follows a predictable method, which attackers can use to act first.

Virtuals Protocol (VIRTUAL) price crash

At the time of writing, VIRTUAL is trading at $4.29, crashing 7.19% in the last 24 hours. The token traded as low as $4.10 while the issue was present, now recovering slightly after the apparent fix.

As reported by Finbold Yesterday, the AI crypto scene is seeing a massive surge, surpassing the $10 billion total market cap. In the last seven days, VIRTUAL is up 30%, but investors and traders are now facing fear, uncertainty, and doubt (FUD), following the recent events.

This issue could have impacted users by delaying token releases, investors by risking token value, and developers by damaging trust. While it is already fixed, the team’s behavior could have damaged the market’s trust, which is directly reflected in its price performance.

Featured image from Shutterstock