Apple Alerts EU Regulators That Apple Ads and Maps Meet DMA Gatekeeper Thresholds 
Sam Altman Reportedly Explored Funding for Rocket Venture in Potential Challenge to SpaceX 
YouTube Agrees to Follow Australia’s New Under-16 Social Media Ban 
Apple Leads Singles’ Day Smartphone Sales as iPhone 17 Demand Surges 
Morgan Stanley Boosts Nvidia and Broadcom Targets as AI Demand Surges 
Nexperia Urges China Division to Resume Chip Production as Supply Risks Mount 
Australia Moves Forward With Teen Social Media Ban as Platforms Begin Lockouts 
Norway’s Wealth Fund Backs Shareholder Push for Microsoft Human-Rights Risk Report 
Quantum Systems Projects Revenue Surge as It Eyes IPO or Private Sale 
Amazon and Google Launch New Multicloud Networking Service to Boost High-Speed Cloud Connectivity 
Wikipedia Pushes for AI Licensing Deals as Jimmy Wales Calls for Fair Compensation 
Trump Administration to Secure Equity Stake in Pat Gelsinger’s XLight Startup 
Apple Appoints Amar Subramanya as New Vice President of AI Amid Push to Accelerate Innovation 
AI-Guided Drones Transform Ukraine’s Battlefield Strategy 
Australia Releases New National AI Plan, Opts for Existing Laws to Manage Risks 
Intel Boosts Malaysia Operations with Additional RM860 Million Investment 
EU Prepares Antitrust Probe Into Meta’s AI Integration on WhatsApp 
A poorly designed Ethereum app led to the hacking of $20 million worth of Ether, Cointelegraph has reported. Attackers exploited the vulnerability present in a Remote Procedure Call (RPC), which allows third parties to access and interact with the data within.
The attackers exploited port 8545, where the RPC had been left enabled by developers for some reason. This allowed the hackers to compile and make off with sensitive miner and wallet information. It provided these illicit third parties with access to private keys and the chance to peek into the port owners' personal data and consequently transfer funds.
For this reason, the RPC interface is usually disabled. And even if it is open, it’s generally designed to give access to apps that are operating only locally.
It’s still unclear why the app developers enabled port 8545’s RPC – maybe they were configuring something – but it gave the hackers backdoor entry. In short, human error is likely the culprit in such a large loss yet again.
Incidentally, attention was already called to this vulnerability by Qihoo 360 Net Lab in March. During the time, an attacker got only 3.96234 worth of Ether, which was valued at about $2,000 to $3,000 then.
Netlab developers added that hackers are continuing to scan port 8545 hoping to find any other RPC interface that has been left open. With the success of this recent heist, other illicit actors will surely want to join the fray.
While this is grim news for the victims, the increase in hacking incidents will only make Ether and other cryptocurrencies resistant to this kind of attack in the future, according to some experts. Blockstar CEO Christian Ferri said that hacking incidents will always be painful for some in the short run, but will play a significant role in creating a more secure framework for the crypto industry in the future.
Indeed, vulnerabilities like this will definitely contribute to the guidelines that will govern how blockchain companies operate in order to make a habit of plugging these threats and risks. Ethereum developers and co-founder Vitalik Buterin have yet to comment on the attack.
