Posted on

EOS: A Shocking Security Vulnerability

0 Total shares
EOS security hack

For the second time in a week, hackers flooded an exchange with a billion fake EOS tokens.

By doing so, they were able to steal $58,000 from the Newdex exchange.

They exploited a shocking security vulnerability

“EOS account oo1122334455 issued 1,000,000,000 fake EOS tokens,” Newdex said.  “After testing the feasibility of the attack, the account began to place large [buy orders]. A total of 11,800 fake EOS orders were issued to purchase BLACK, IQ [sic] and ADD.”

Here’s the problem.

One, apparently anyone can create a token using EOS, according to The Next Web. All you need is an EOS account. Two, the exchange doesn’t use smart contracts.  Without those, the exchange could not verify the authenticity of the cryptocurrency is was flooded with.

While apologies were issued, there are no plans to compensate effected users just yet.

Gaping security holes left by exchange developers can be blamed here.

This isn’t the first instance of a hack, though

Not long ago, Monero was hit, too.

Monero (XMR) has shared some bad news with its community. They revealed that hackers have compromised their site. Apparently the hackers hit them through their MEGA Chrome extension. The extension stole XMR crypto wallet addresses as well as Monero passwords from site users.

This Chrome extension had an important role to play.

The idea was that it would boost the performance of the browser and decrease the length of time for loading. The hack is serious and affects much more than just Monero.

In fact, crypto hijackers have accessed usernames and saved passwords off of Google, Amazon, Microsoft, and GitHub platforms too.  Because of that, Chrome has taken the extension down from its download store at Chrome Web.



Want the latest crypto news? Join our Telegram Channel

Daily updates