Decentralized Bitcoin exchange platform Bisq reported an exploit in its trading protocol on May 1 of this year that allowed attackers to appropriate some of the active offers in the system.
Bisq Network reported the incident through the official account of X and confirmed the scope and scope of the attack. Measures taken to contain it.
Bisq is a Bitcoin exchange peer to peer Open source that operates under a model that operates under a decentralized network and without the need for central administration or identity registration.
According to the organization, The impact was limited to open offers that the attacker had actively received within the past 12 hours. Before being detected. The company said funds in users’ Bitcoin wallets were not affected.
Bisq said preliminary research indicates that the attackers used a modified client to take advantage of validation checks missing in the protocol.
As an interim measure, the organization Emergency mechanism to disable trading Set the required version to 2.0.0. Since this version does not exist, the attacker cannot continue to operate. Bisq warns that user interaction begins from the moment of attack They should start the mediation process.
Bisq’s response: Create a roadmap.
The Bisq development team said: Works to reliably assess issues and apply fixes.. Once this is complete, the organization plans to release a new version.
In parallel, a security review will be performed to identify additional vulnerabilities, they indicated. Regarding affected users, the company claims: Evaluate redemption options and allocate all available resources to restore trust in the platform.
This incident occurred in an unfavorable situation for the security of the cryptocurrency ecosystem. As reported by CriptoNoticias, 34 hacks of decentralized finance protocols were recorded in April, resulting in losses of over USD 635 million. This amount represents 78% of everything stolen within the ecosystem in 2026.
Bisq has specified that Bisq 2, the second version operating under the Easy Trade protocol, is not susceptible to the exploit. This is because they are independent codebases with different protocol designs. The organization reported that it will continue to post updates through its official channels, including Matrix, Bisq Forum, Telegram, Reddit, X, and Nostr.
The company has publicly committed to Address both the root cause of the exploit and its consequenceswe recognize that the response to an incident is as critical to the integrity of the incident as the attack itself.
(Tag Translation) Bisque
