Chinese Security Giant has Found Vulnerabilities in EOS Platform

Chinese Internet Security Giant 360 Security Guard, has claimed to have found a series of epic vulnerabilities in the EOS Blockchain to fully control the transactions.

360 reported on their Weibo Channel (Chinese Twitter) which has over 6 Million followers that their 360 Vulcan team recently found some vulnerabilities which can remotely execute arbitrary code on the EOS Node. They also claim that these attacks can take over all the nodes running on EOS.

They mention that they reported these bugs to the EOS team:

The person in charge of the EOS network said that the EOS network will not be officially launched until these issues are fixed.

They mention 3 major points in their blog:

1.Defective digital blockchain vulnerability

360 reports that Security loopholes in the Blockchain networks tend to have more serious impact. Due to its decentralized computing characteristics, a security vulnerability in the implementation of a Blockchain node may cause thousands of nodes to be attacked

2. EOS SuperNode Attack: Fully Controlled Virtual Currency Trading

In an attack, if the bad actor published a malicious smart contract, the EOS supernode will execute it triggering a security hole. The attacker can then reuse the supernode to package the contract into a new block which will cause all the full nodes in the EOS network to be controlled remotely

This means that the attacker can “do whatever it wants” which include exchange Digital currency, the user’s key stored in the wallet, key user profiles, privacy data, and more which can be devastating to the entire EOS ecosystem.

3. Blockchain network security concerns need to be paid attention

They write that There are many attack surfaces in the Blockchain networks for nodes, wallets, mining pools, exchanges and smart contracts.

 The 360 ​​security team has previously discovered and disclosed multiple digital currency nodes, wallets, and mines. Serious security holes in pools and smart contracts.

The series of new security vulnerabilities discovered by the 360 ​​security team in the smart contract virtual machine on the EOS platform is a series of unprecedented security risks. Security researchers have not found such problems before. This type of security issue affects not only EOS but also other types of blockchain platforms and virtual currency applications

360 urges the Blockchain industry to pay more attention to security issues like these which can be critical for these networks.

The EOS Mainnet launch is set to happen on June 2nd where the EOS token will be moving out of the Ethereum Blockchain and exchanges like Binance, Bitfinex, Kraken Bithumb, etc have announced that they will be supporting the token swap, But if the vulnerabilities highlighted by 360 is true then it will be critical to resolve those issues before the Mainnet launch as it can have a devastating impact. It would not be a surprise if the Mainnet launch is postponed due to these issues.

There has been no official announcement from the EOS Team until now on their social media channels, however, the issue is said to resolved according to their Github.

cnLedger Tweeted:

2/ According to their Weibo (Chinese Twitter), 360 reported the bugs to the EOS team. "The person in charge of the EOS network said that the EOS network will not be officially launched until these issues are fixed."

— cnLedger [Not giving away ETH] (@cnLedger) May 29, 2018

4/ On their weibo, 360 then urges the teams and companies in this industry to pay more attention to the security of blockchain projects, as more vulnerabilities could also be found on other cryptocurrencies in future.

— cnLedger [Not giving away ETH] (@cnLedger) May 29, 2018

Source: 360 Security Guards

Discuss this news on our Telegram Community. Subscribe to us on Google news and do follow us on Twitter @Blockmanity

Disclaimer: Blockmanity is a news portal and does not provide any financial advice. Blockmanity's role is to inform the cryptocurrency and blockchain community about what's going on in this space. Please do your own due diligence before making any investment. Blockmanity won't be responsible for any loss of funds.