Thieves counterfeited 1 billion EOS-based tokens, called them EOS, and placed them on the decentralized exchange Newdex. Since these coins were counterfeit and had no value, the hackers were able to earn approximately $58,000 in BLACK, IQ, and ADD tokens.
According to information from The Next Web, Newdex confirmed the fraud with an official statement:
"EOS account oo1122334455 issued a billion fake EOS tokens. After verifying the possibility of an attack, the account owner began placing large buy orders. In total, 11,800 orders were placed with fake EOS to buy BLACK, IQ and ADD.”
The Next Web article also states: “Ultimately, the hackers exchanged the illegally obtained tokens for real EOS tokens. In total, the decentralized exchanger Newdex suffered losses of approximately $58,000.”
Due to the fact that the EOS tokens were counterfeit, many of the exchanger’s clients were left with nothing. Newdex representatives have not yet made any comments on how they plan to compensate their users.
The problem mainly lies in the vulnerabilities of the Newdex application, but part of the blame lies also in the specifics of EOS. In simple terms, anyone can create a token on the EOS platform, and the user can name it whatever they want. In this case, the hackers named their token EOS, and thereby deceived Newdex. In addition, the application does not use smart contract technology, and this is the main reason why fake tokens ended up on the exchanger.
So why doesn't Newdex use smart contracts?
The Next Web made their opinion on this matter quite clearly:
“This is all happening because developers are simply taking advantage of the hype around decentralized exchanges, calling themselves one of them for the sake of profit. In fact, one account processes and conducts all transactions under the guise of a crypto exchange. There is an opinion that such applications are called centralized. Even worse, the hackers didn't even have to obtain the users' private keys - they simply exploited security holes left by developers who didn't even bother to create a smart contract that would protect their clients."
According to cryptodaily.co.uk
You May Also Like
Bithumb will lower the withdrawal limit for anonymous clients
According to reports, one of South Korea's largest crypto exchanges, Bithumb, has announced a gradual reduction in the withdrawal limit for all accounts that have not passed real name verification, citing financial crime risks.
Coinsquare wants to compete with Coinbase
Canadian crypto exchange and brokerage platform Coinsquare has added XRP to its listings, moving even closer to its goal of becoming the premier trading destination for retail cryptocurrency investors.
