Bad news for EOS lovers and enthusiasts. According to an important Twitter account known as cnLedger, the Chinese internet security giant 360 has found ‘a series of epic vulnerabilities’ in the EOS platform.
1/ Chinese Internet security giant 360 has found "a series of epic vulnerabilities" in the #EOS platform. Some of the bugs allow arbitrary code to be executed remotely on EOS nodes and even taking full control of the nodes.
Source (in Chinese): https://t.co/pt6nj6EodP
— cnLedger [Not giving away ETH] (@cnLedger) May 29, 2018
2/ According to their Weibo (Chinese Twitter), 360 reported the bugs to the EOS team. "The person in charge of the EOS network said that the EOS network will not be officially launched until these issues are fixed."
— cnLedger [Not giving away ETH] (@cnLedger) May 29, 2018
3/ 360: attacker can deploy smart contracts w/ malicious code to EOS super node, which will execute the contract and trigger a security bug. Once the contract is included in a new block, all full nodes including backup nodes, exchges, wallet nodes, are all susceptible to attack.
— cnLedger [Not giving away ETH] (@cnLedger) May 29, 2018
4/ On their weibo, 360 then urges the teams and companies in this industry to pay more attention to the security of blockchain projects, as more vulnerabilities could also be found on other cryptocurrencies in future.
— cnLedger [Not giving away ETH] (@cnLedger) May 29, 2018
5/ English version (Google translation) of the report by 360 company on discovering EOS vulnerabilities, posted by /u/ezpzfan324:https://t.co/EymsIVMMkl
— cnLedger [Not giving away ETH] (@cnLedger) May 29, 2018
The information has been released by the company on the Chinese famous social network, Weibo. Some of the bugs that have been found would allow arbitrary code to be executed remotely on EOS nodes and they could be able to take full control of the nodes.
These are very important news because EOS has been called ‘Ethereum’s Killer,’ which is quite impressive. But at the same time, EOS will be launching its so awaited mainnet in just four days.
As reported by the post uploaded to Weibo, the bugs have been reported to the EOS team on time. And what it is important to mark is that EOS may not launch its official mainnet if these bugs are not solved.
“The person in charge of the EOS network said that the EOS network will not be officially launched until these issues are fixed,” says the statement released by 360.
The Chinese company says that attackers are able to deploy smart contracts with malicious code to EOS super node. Then, it will execute the contract, which will trigger a security bug. Once the contract is included in a block the harming power is even more because it can affect backup nodes, exchanges, wallet nodes, and more.
One of the points that 360 recommends to the crypto community is to pay more attention to the security of the different projects available in the market. The internet security giant recommends to be more careful and analyse the security of other projects in a deeper way.
