About $58,000 was stolen from token exchange Newdex, through the issuance of fake EOS tokens in the network.
Newdex, in an announcement, confirmed that the hackers had issued 1 billion units of a token simply called ‘EOS,’ which were then used to purchase other tokens available in the exchange. All in all, the hackers made use of 11,800 fake EOS as though they were the real cryptocurrency.
The hackers were also able to purchase 4,028 of the actual EOS cryptocurrency, which were then transferred into a Bitfinex account.
“In order to provide better service, the Newdex team took responsibility for the entire loss and has fixed the problem in the first place and resumed normal transaction. All Newdex users please don’t worry and use it at ease,” Newdex said in its announcement. The exchange also said that it will be tracing the hackers and prosecuting them.
“The Newdex team is well aware that there are still many shortcomings to be improved… Although we have encountered many difficulties on the way forward and will encounter more problems in the future, we will not forget the initial intention and will do as best as we can to provide a better trading experience for Newdex users,” the exchange said.
Online tech magazine The Next Web explained that the hack was made possible because an EOS token could be created by anybody who wanted to, and could even be named ‘EOS’ itself.
“Second, Newdex doesn’t use smart contracts. [T]here was nothing to confirm the authenticity of the cryptocurrency being pumped into it,” David Canellis from The Next Web wrote, adding that Newdex was taking advantage of the “hype” surrounding decentralized exchanges, by calling itself such.
“In reality, it’s just a single user account handling trades under the guise of being an asset exchange—pretty centralized, if you ask me,” Canellis said.
EOS and its developers have been under criticism by the blockchain community, particularly for not quite living up to the claim of being “the next Ethereum,” although in terms of susceptibility to hacks, the moniker may be fitting.
Yo Sub Kwon, founder and CEO of blockchain security provider Hosho, issued a statement saying, “EOS smart contracts are so new that they will suffer from the same issues that Ethereum smart contracts did early on of just not knowing which problems to keep watch for during development… It is incredibly important to have smart contracts audited, especially if they are going to have large amounts of money run through them.”
Just last week, two EOS gambling platforms were reported to have been hacked, with the thieves running off with over $250,000 in all.
New to Bitcoin? Check out CoinGeek’s Bitcoin for Beginners section, the ultimate resource guide to learn more about Bitcoin—as originally envisioned by Satoshi Nakamoto—and blockchain.