New EOS Bug Siphons RAM Directly From The User and Exploit Patch Update
EOS, the fifth largest crypto network by market capitalization, has made the headlines with unfortunate news. A new bug discovered on the EOS ecosystem permits that hackers are able to steal resources directly from the user of the platform.
If you are thinking that these “resources” are actual money, however, you are wrong. The resource that is being stolen is RAM. Due to its scarcity, RAM is very valuable in the EOS blockchain ecosystem. At the moment of this report, the company was working on a way to create a temporary fix for this problem.
Why Would Someone Steal RAM?
You might be wondering why would someone actually go and steal RAM if you are new to the EOS blockchain. In fact, the whole ecosystem uses a decentralized operating system that runs on decentralized apps and smart contracts. However, each of these decentralized apps and contracts needs RAM to store the data. The bigger an application is, the more RAM you need to run it and to make the EOS network run.
Up until recently, the RAM on the EOS blockchain was limited to only 64 GB. Last month, though, EOS Authority has started to create a solution by approving a new way to increase the RAM gradually over time.
However, RAM is still very valuable on the EOS blockchain and, because of this, users are trading it. This has transformed RAM into an important commodity in the system as the users are actively trading it all the time and there is always demand for RAM. Its prices fluctuate as there is more or less demand for RAM.
According to eos.feexplorer.io, 1kb of RAM costs a total of 0.12 EOS at the moment, this translates roughly into 60 cents of a dollar.
How Does The Bug Work?
According to the information we have gathered about this bug, this new EOS problem involves a user using malicious code which allows it to add table rows in the name of another user account. This way, the malicious user is able to steal the RAM by inserting a large amount of garbage into rows when users send it tokens.
At the moment, the solutions that is being used by the EOS network is for the users to send their tokens via a proxy account with no RAM in it. This way the code still works with the proxy account, but, as it does not have any RAM in it, it is not able to effectively steal it at all.
Previous EOS Bugs
It is important to remember that this is not the first serious bug that affects the EOS blockchain. According to our information, the EOS has been hit with some other security flaws recently.
This made the company concerned and the solution was to create an open bug bounty program in which the users are able to get money for fixing bugs. In June, a hacker from the Netherlands called Guido Vranken was rewarded with a total of $120,000 USD for discovering many bugs on the EOS blockchain.