Scrutiny over Smart Contracts arose once again. On April 23rd, PeckShield, a blockchain security startup,discovered a new batchOverflow bug in multiple ERC-20 Smart Contracts and quickly alerted the public. Unusual SMT and BEC token transactions happened at about 03:28:52 AM UTC, according to PeckShield. The bug which effected the Ethereum smart contracts let malicious attackers create and receive large values of the batchOverflow-affected tokens.
Immediately after the incident took place, Huobi Pro, a decentralized exchange network established in 2013, blocked all tokens from deposits and withdrawals to keep users funds safe and away from attacks. Upon further evaluation, Huobi Pro allowed the deposits and withdrawals of non ERC-20 Tokens until the issue was resolved and opened the floors to usual activity including ERC-20 Tokens as well. The actions taken by the exchanges show determination and speed when it comes to user’s funds and protection.
OKEx, another popular exchange, said on April 24ththat it was rolling back trades on the BeautyChain Token. OKEx also announced that in light of the bug, it was suspending the deposits and withdrawals of a project called SmartMesh due to “abnormal trading activities.” Poloniex also came down hard on ERC-20 Tokens due to the batchOverflow bug. Huobi Pro released a statement on the day of the incident which read, [Huobi Pro] “has recovered the deposit and withdrawal of non-ERC20 tokens,” also siting that, “the safety of our users’ wallets are our top priority. We apologize for any inconvenience caused during this period.”
Many came to twitter to voice their concerns as well. A number of tweeters quoted the transfer of 65,133,050,195,990,400,000,000,000,000,000,000,000,000,000,000,000,000,000,000.891004451135422463 Smartmesh tokens (SMT) worth approximately $5,712,591,867,014,630,000,000,000,000,000,000,000,000,000,000,000,000,000,000.00 to the attacker’s address. This is what the transaction looked like:
Unfortunately, some of those tokens were sold, but hacker’s accounts on exchanges are now frozen and kept away from the malicious attackers. A technical breakdown of the proxyOverlow exploit can be seen here:
In all, it is very important and in fact necessary to create an account with a reputable and trustworthy exchange such as Coinbase and Huobi. Also, another important precautionary step to take is to keep your tokens in hardware wallets such as on the Nano S or Trezor. This keeps your investments away from others trying to gain illegal access or cause you any harm. Again, reputation, safety and security is everything. We want to maintain a better and safer ecosystem for all of us and keep attackers as far away as possible.
You may be interested
Indian Police Arrest Asian Chief of Multi-Billion Crypto Scheme BitconnectBrian Evans - Aug 21, 2018
A high-ranking promoter of Bitconnect has been arrested at the Delhi airport India for his involvement in the alleged multi-billion dollar Ponzi scheme that blew up earlier this year.…
Thailand: Stockbroker Indicted in $24 Million Bitcoin Fraud Pleads Innocence as VictimBrian Evans - Aug 21, 2018
Prasit Srisuwan, a well known Thai stock investor who has been roped into the ongoing probe over a $24 million bitcoin fraud case has denied being a…
China Zheshang Bank Issues Securities Worth $66 Million on BlockchainBrian Evans - Aug 21, 2018
One of the largest privately held commercial banks in China has completed the issuance of securities worth $66 million via blockchain.