Chengdu LiaAn Technology Co (Chain Security), a security auditing company through its VaaS (Verification as a Service) platform, discovered a bug similar to batchOverflow in EOS smart contracts.
A critical vulnerability in smart contracts of the EOS network includes it in the list of ERC-20 standard tokens that are at risk of hacking and theft by hackers.
The vulnerability is called batchOverFlow - the attack gives hackers the opportunity to withdraw an almost unlimited number of coins from the site. The bug allows attackers to change the transaction amount by indicating the number they need in the required line. ERC-20 standard tokens calculate the value of the “sum” variable by multiplying the value of the “cnt” and “value” variables. Entering such a disproportionately large amount into the code leads to its overflow, and gives scammers access to an unlimited number of coins. Using this vulnerability, a hacker only needs to set the value of the “amount” variable at his discretion. Thus, during hack of the OKEх exchange the scammers managed to steal 8 vigintillion BEC units, which is an eight with 63 zeros.
More recently, a vulnerability paralyzed trading of several ERC-20 tokens on major cryptocurrency exchanges. Huobi, OKEx, Poloniex & HitBTC and even Changelly have suspended trading on all ERC20 tokens.
Decentralized platforms implemented on the Ethereum blockchain do not yet have protection from the bug. The identified vulnerability proves the need for further customization of the EOS platform code and the installation of a mechanism for auditing smart contracts.
On June 2 of this year, the launch of the EOS main network was announced, which now operates on the Ethereum network. It is not yet known whether this incident will affect the timing of the network launch. However, the market has already responded to the suspension of acceptance of ERC20 tokens by large and small exchanges due to a bug in the smart contract code.
The EOS coin showed good results throughout April. On May 1, EOS fell in price by 16%, but the next day it began to regain lost ground. During the day, the value of EOS increased by 8% and now stands at $18.87.
And now the market capitalization of EOS is $15.6 billion. The asset still ranks 5th in the CoinMarketCap rating, ahead of Cardano.
The company's technical director Dan Larimer assures that the discovered error is not a security threat. He urged developers to simply not leave smart contracts open to exploitation.
You May Also Like
XRP, ADA and XLM await new listing
Once on new exchanges, cryptocurrency finds new clients and new trading directions. Moreover, listing new tokens benefits not only cryptocurrencies, but also exchanges, as they attract new customers to their platform and increase trading volume.
Zcash: life on a roller coaster
Zcash has been subject to repression in Japan. He then became one of the leaders in the digital field, working in New York. He was accused of a billion dollar fraud, and yet he solved the mining mystery. All this time, Zcash has been a leader in the development of the latest cryptographic technologies.
