360 reported on their Weibo Channel (Chinese Twitter) which has over 6 Million followers that their 360 Vulcan team recently found some vulnerabilities which can remotely execute arbitrary code on the EOS Node. They also claim that these attacks can take over all the nodes running on EOS.
They mention that they reported these bugs to the EOS team:
The person in charge of the EOS network said that the EOS network will not be officially launched until these issues are fixed.
They mention 3 major points in their blog:
1.Defective digital blockchain vulnerability
360 reports that Security loopholes in the Blockchain networks tend to have more serious impact. Due to its decentralized computing characteristics, a security vulnerability in the implementation of a Blockchain node may cause thousands of nodes to be attacked
2. EOS SuperNode Attack: Fully Controlled Virtual Currency Trading
In an attack, if the bad actor published a malicious smart contract, the EOS supernode will execute it triggering a security hole. The attacker can then reuse the supernode to package the contract into a new block which will cause all the full nodes in the EOS network to be controlled remotely
This means that the attacker can “do whatever it wants” which include exchange Digital currency, the user’s key stored in the wallet, key user profiles, privacy data, and more which can be devastating to the entire EOS ecosystem.
3. Blockchain network security concerns need to be paid attention
They write that There are many attack surfaces in the Blockchain networks for nodes, wallets, mining pools, exchanges and smart contracts.
The 360 security team has previously discovered and disclosed multiple digital currency nodes, wallets, and mines. Serious security holes in pools and smart contracts.
The series of new security vulnerabilities discovered by the 360 security team in the smart contract virtual machine on the EOS platform is a series of unprecedented security risks. Security researchers have not found such problems before. This type of security issue affects not only EOS but also other types of blockchain platforms and virtual currency applications
360 urges the Blockchain industry to pay more attention to security issues like these which can be critical for these networks.
The EOS Mainnet launch is set to happen on June 2nd where the EOS token will be moving out of the Ethereum Blockchain and exchanges like Binance, Bitfinex, Kraken Bithumb, etc have announced that they will be supporting the token swap, But if the vulnerabilities highlighted by 360 is true then it will be critical to resolve those issues before the Mainnet launch as it can have a devastating impact. It would not be a surprise if the Mainnet launch is postponed due to these issues.
There has been no official announcement from the EOS Team until now on their social media channels, however, the issue is said to resolved according to their Github.
cnLedger Tweeted:
Source: 360 Security Guards
Discuss this news on our Telegram Community. Subscribe to us on Google news and do follow us on Twitter @Blockmanity
Did you like the news you just read? Please leave a feedback to help us serve you better
Disclaimer: Blockmanity is a news portal and does not provide any financial advice. Blockmanity's role is to inform the cryptocurrency and blockchain community about what's going on in this space. Please do your own due diligence before making any investment. Blockmanity won't be responsible for any loss of funds.
Macro guru and Real Vision CEO Raoul Pal shone the spotlight on a rising layer-1…
As the technology landscape transforms at lightning speed, AI Companions has positioned itself as a…
Did you know that 85% of DeFi value is concentrated in six blockchains? DeFi is…
CLAPART - a groundbreaking RWA platform has launched its much-anticipated $CLP token IDO on Gempad…
Join us at BFC 2024 to explore the future of Web3. Use a special discount…
Catch all the updates with Altcoin Observer, official media partner of WebX Asia 2024. Gear…