How white hat hackers with a $3,000 server found a bug that could have put $70 billion in crypto at risk

Meanwhile, Grego AI, which independently verified Hexens’ proof-of-concept, calculated that approximately $250 million in Aptos-native TVL was directly at risk based on a nearly 90% success rate, separate from broader cross-chain exposure.

The $70 billion risk

If left unchecked, the vulnerability, discovered by Vahe Karapetyan, CTO and co-founder of Hexens, could have exposed a much larger systemic risk surface across bridges, stablecoins, DeFi protocols and centralized exchanges, costing billions and creating a crisis far beyond Aptos itself.

And all it would have taken was a few thousand dollars of servers.

The total cost to build the infrastructure necessary to run this experiment was approximately $3,000 for a server that simulated an environment designed to approximate Aptos’ mainnet conditions. Even if a malicious attacker were to actually review the exploit, it would have required significantly less, and no validator access, insider knowledge, or privileged protocol permissions.

The team ran the exploit path about 20 times in a simulated environment and succeeded 17 or 18 times. The two or three failed attempts did not stop the network, meaning the attacker could have simply had another window to try again.

The simulation was built to closely approximate real-world network conditions by using a cluster of more than 30 validator nodes, a mainnet-shaped stake distribution, organic transaction traffic, and heavy execution contention. The Hexens team also tested what they call “unarmed calibration techniques”: dry runs that measured mempool and block construction conditions before committing to an armed trial. The firm said these steps significantly reduced the uncertainty introduced by the exploit’s probabilistic elements, making the attack path more reliable in practice.
