Decentralized crypto exchange Bisq halts trading due to ‘critical security vulnerability’

UPDATE: 10:15 A.M. EDT: In subsequent blog post, the Bisq team said that "about 24 hours ago, we discovered that an attacker was able to exploit a flaw in the Bisq trade protocol, targeting individual trades in order to steal trading capital."

The team went on to explain:"We are aware of approximately 3 BTC and 4000 XMR stolen from 7 different victims. This is the situation as we know it so far. The only market affected was the XMR/BTC market, and all affected trades occured over the past 12 days."

That figure equates to roughly $245,000 at current market prices for bitcoin and monero.

Bisq has also published a security vulnerability fix, adding on Twitter that "in-app alerts are going out now."


Decentralized or non-custodial cryptocurrency exchange Bisq has halted trading until further notice due to a “critical security vulnerability.”

Announcing the news on Tuesday, Bisq said it has used the alert key to "temporarily disable trading."

"Bisq is a proper distributed peer-to-peer network. So you can override the latest alert key functionality that blocks trading. But we highly discourage you from doing this for your own security," said the exchange.

Bisq is expected to release an update of its application “within a few hours.” In the meantime, the exchange has advised users not to send any funds to a counter-party if they active trades.

“Until v1.3.0 is released, existing trades cannot be completed. Please hold tight. Of course, because of Bisq’s security model, your funds are not at risk,” said the exchange.

Bisq is an open-source, peer-to-peer application that allows users to buy and sell cryptocurrencies in exchange for national currencies.

About Author

Yogita Khatri is a senior reporter at The Block and the author of The Funding newsletter. As our longest-serving editorial member, Yogita has been instrumental in breaking numerous stories, exclusives and scoops. With over 3,000 articles to her name, Yogita is The Block's most-published and most-read author of all time. Before joining The Block, Yogita wrote for CoinDesk and The Economic Times. You can reach her at [email protected] or follow her latest updates on X at @Yogita_Khatri5.

WHO WE ARE

The Block is a news provider that strives to be the first and final word on digital assets news, research, and data.

+ Follow us on Google News
Connect with the block on