A Lightning Labs developer has publicly acknowledged that a bug plaguing the Bitcoin Lightning Network has been “exploited in the wild.”
Olaoluwa Osuntokun, the chief technical officer at Lightning Labs, told developers in a mailing list that multiple Lightning node versions needed updates to prevent vulnerability.
“We’ve confirmed instances of the CVE being exploited in the wild. If you’re not on the following versions of either of these implementations (these versions are fully patched), then you need to upgrade now to avoid risk of funds loss:
* lnd v0.7.1 — anything 0.7 and below is vulnerable
* c-lightning v0.7.1 — anything 0.7 and below is vulnerable
* eclair v0.3.1 — anything 0.3 and below is vulnerable
We’d also like to remind…