Chinese internet and cyber security research firm 360 reported a series of high risk vulnerabilities in the EOS blockchain platform a couple of hours ago. According to China’s version of Twitter, Weibo, some of these vulnerabilities can remotely execute arbitrary code on the EOS node, meaning that remote attacks can directly control and take over all nodes running on EOS.
The Weibo post went on to state; “On the early morning of the 29th, 360 first reported the vulnerability to EOS officials and helped them repair the security risks. The person in charge of the EOS network said that the EOS network will not be officially launched until these issues are fixed.”
Defective Digital Blockchain Vulnerability
Security vulnerabilities in digital currencies tend to have far greater impacts than those associated with regular software. Due to its decentralized nature a security breech in one node can rapid spread across all others on the network and cause thousands of them to be attacked. During the attack the hacker can publish and distribute a smart contract containing malicious code targeting the vulnerability. According to the post which was translated from Chinese; “The EOS super node will execute this malicious contract and trigger a security hole. The attacker then re-uses the super node to package the malicious contract into a new block, which in turn causes all full nodes in the network (alternate super node, exchange reload point, digital currency wallet server node, etc.) to be controlled remotely.”
The attacker then has full control over the nodal system and can steal private keys, user data, and control all cryptocurrency transactions according to the report. Additionally the attacker can turn a node on the EOS network into a member of a botnet, launch a cyber-attack, or become a free “miner” and mine other cryptocurrencies.
The report elaborated that;
“The series of new security vulnerabilities discovered by the 360 security team in the smart contract virtual machine on the EOS platform is a series of unprecedented security risks. Security researchers have not found such problems before. This type of security issue affects not only EOS but also other types of blockchain platforms and virtual currency applications.” At the time of writing the news had only just made it out of China and onto Twitter and Reddit. The EOS team has yet to release an official response but the price of the token reacted instantly dropping by 7% in less than an hour. EOS is currently trading at $11.20, down from its monthly high of $19.3 on May 3rd.
0 Comments
Leave a Reply. |
CORWIN GROUPLatest News Archives
October 2021
CategoriesBy submitting this form, you provide consent for Corwin Group to email you occasionally with industry news and promotions. You may unsubscribe from these emails at any time.Testimonials & Disclaimer
Important Disclosure: By visiting this site, you agree to be bound by CorwinGroup’s Terms of Use and Privacy Policy. CorwinGroup.com is intended for accredited investors and otherwise qualified investors who understand and accept the risk associated with private investments. Investing in private investments on CorwinGroup involves risks, including, but not limited to market and industry risks, risks related to a specific property, currency fluctuation risk and liquidity constraints. Investments are not bank deposits and are not guaranteed. There is a potential for loss of part or ALL of the investment capital. CorwinGroup does not endorse any of the opportunities that appear on the site, nor does it make any recommendations regarding the appropriateness of particular opportunities for any investor. No correspondence or information provided on CorwinGroup.com or by any representative of CorwinGroup should be construed as a recommendation of a security. Each investor is advised to conduct his/her own due diligence as CorwinGroup does not provide any investment advice, business advice, or tax or legal advice. CorwinGroup is not registered under the Securities & Futures Act or the Financial Advisor’s Act. Neither the Securities and Exchange Commission in the country nor any federal or state securities commission or any other regulatory authority has recommended or approved of the investment or the accuracy or inaccuracy of any of the information or materials provided by or through the website. Please read Corwin’s Terms of Use for more detailed terms and conditions to which users of CorwinGroup are subject. |