January 1st, 2018
Huge Vulnerabilities Discovered In EOS Network
As EOS approaches their MainNet launch, reports out today suggest that Chinese internet security firm, 360 Total Security have discovered a number of crucial vulnerabilities within the EOS network that could have quite a harsh impact on the currency and of course, on the EOS platform.
The premise of this vulnerability is that, on the network, a hacker or an attacker is able to publish a smart contract that contains malicious code. Within this, a super node can they go on to execute this smart contract, which, depending on the nature of the code, could then go on to open up gaps within the networks security, allowing more hackers into the network to start draining funds, collecting data etc. This discovery is huge. Of course, it allows the EOS team to develop a fix to ensure this doesn’t happen, however it calls into question the entire integrity of the EOS network. In essence, is this something EOS investors need to worry about?
According to Bitcoinist:
“This could allow the attacker to do whatever he wants. He could, in theory, steal the key of the network’s super node, control the transactions of virtual currencies carried out on the EOS network, acquire the users’ keys stored in their wallets, access key user profiles, and whatnot. Going further, a potential attack could cause damage to external networks as well.”
As it stands, EOS are yet to make any official announcements with regards to this, I suspect that this is because they are concentrating on resolving the issue and thus, we do expect them to make an announcement some time soon, possibly once the vulnerability has been patched.
What now for EOS investors?
Bear in mind, it is a good thing that this has been exposed before any malicious activity has been able to take place. This does prove just how vulnerable your cryptocurrencies are, not just in terms of market volatility and changing values, but also in terms of actual cybersecurity, even the most established currencies are as risk to attack.
Thankfully, 360 Total Security have been able to put a stop to this, before it really did become a problem. For now, we will keep an eye on the EOS camp to see what news comes out, we do expect more information on how this bug has remained undetected and also, some information on what has been carried out to protect users from future problems within this and the rest of the EOS network.