Cosmos-based blockchain Juno went offline on Tuesday due to a cyberattack. According to a message retweeted by the project’s official Twitter, the network is still offline at press time, but no user funds have been affected, and the Juno core development team says it is in the process of being fixed.
A Juno core developer, who asked not to be named, said the network crash stemmed from a malicious smart contract disguised as a simple “hello world” program. The suspected attacker sent more than 400 transactions to the smart contract over a three-day period in what was apparently a trial-and-error process that eventually locked down a specific combination of transactions, causing the network to crash.
Attackers exploited a blockchain vulnerability that Juno plans to address with an update within hours of the attack, developers say. The developer said the vulnerability has been publicly disclosed as it affects all blockchains using the CosmWasm smart contract platform. Previously, Juno stopped producing blocks at block height 2578108.