Back to security portal

Malicious change in mixed transactions

Reported on March 7, 2020

A specially crafted multisig transaction could leverage a inconsistent sanitization of inputs to include a change output of an attacker, which wasn't confirmed by the user.

Reported by Saleem Rashid

Resolved vulnerabilities

Reported by community. Investigated. Resolved. Because your security is never optional.