Replies (21)

🟠 isolabellart isolabellart@isolabellart.it.com 0 years ago

LDK it's ok?

calle calle@cashu.me 0 years ago

LDK is a library, so it should be ok.

Schroedinger Schroedinger@nostrcheck.me 0 years ago

I guess they were to busy bringing shitcoins to lightning (taproot assets) instead of improving security or searching for potential bugs

calle

🚨 LND exploit in the wild 🚨 If you are running LND older than 0.18.5 and/or LITD older than 0.14.1, upgrade immediately. Apparently, affected Lightning nodes can be completely drained by attackers. Lightning Labs has not issued a clarification yet.

View quoted note →

1 replies ↓

Oren ☂️ #BIP-128 orenz0@protonmail.com.ln2.email 0 years ago

I tested that my upgraded LND works by zapping this post 😆

1 replies ↓

calle calle@cashu.me 0 years ago

😎👍

Oren ☂️ #BIP-128 orenz0@protonmail.com.ln2.email 0 years ago

Any estimation for how much money was stolen?

1 replies ↓

calle calle@cashu.me 0 years ago

Haven't heard anything

Eluc eluc@bitcoincoin.ch 0 years ago

Thanks, I did update my Umbrel.

Devin devin@nostrplebs.com 0 years ago

@npub126nt...e9ll

cbrooklyn 0 years ago

Update complete. Thanks.

Filou filou@nostrplebs.com 0 years ago

The bug was in litd, you will not be affected if you are not running litd. And afaik there are no confirmed reports of the bug actually being exploited successfully. This is semi-fud circulating without being verified! TLDR upgrade Lightning Terminal to 0.14.1 if you run it.

1 replies ↓

Erik erik@juxtapose.store 0 years ago

Bitcoin ossification bad

npub1wc5f...mkf5 0 years ago

LND version 0.18.5 is currently not available in the Umbrel App Store, do you use a different store or did you upgrade using the terminal?

Eluc eluc@bitcoincoin.ch 0 years ago

On mine it is, version 0.18.5-beta, same as on the GitHub, on the app store, all standard repo as far as I know. Check with Umbrel support if you don't see the update.

npub1wc5f...mkf5 0 years ago

I was able to get the update notifications once I rebooted Umbrel, thank you for replying so quickly!

Lostdog 0 years ago

Ffs 0.18.5 is still in beta 😖 We're still in the reckless phase apparently 🙁

Jer jer@nostrplebs.com 0 years ago

I think the app devs are responsible for their own updates on Start9 aren’t they?

Devin devin@nostrplebs.com 0 years ago

It's in the Start9 repository, so I think they handle it updates. I believe they generally delay them on purpose in case there are unidentified issues with fresh updates.

Filou filou@nostrplebs.com 0 years ago

Update:

X (formerly Twitter)

Olaoluwa Osuntokun (@roasbeef) on X

Based on the information we've been provided with so far, it appears that this was an instance of the user's machine being compromised, leading to ...

Filou filou@nostrplebs.com 0 years ago

Clarification from Lightning Labs on X:

X (formerly Twitter)

Olaoluwa Osuntokun (@roasbeef) on X

Based on the information we've been provided with so far, it appears that this was an instance of the user's machine being compromised, leading to ...

Devin devin@nostrplebs.com 0 years ago

Registry, not repository. I'm dumb sometimes. But the update is out now.