Hackers managed to transfer 2.09 million EOS ($7.7 million) from a hacked account reportedly due to an alleged failed update by an EOS block producer (BP). EOS reported the news through a Telegram post on February 23.
Reportedly, the hack occurred on Feb 22 when a new EOS block producer named “game.eos” failed to update the blacklist for EOS mainnet accounts. Traditionally, the EOS blockchain is created with a feature that requires BPs to blacklist compromised accounts. The feature also needs the top 21 accounts to blacklist a specific account for the blacklist feature to function correctly.
Huobi’s security team detected the hack. The team discovered assets were pouring in from EOS blacklisted accounts into Huobi accounts. They managed to freeze the accounts and related asset. The team was able to identify this transfer with the help of blacklisted data from EOS Core Arbitration Forum (ECAF).
In a tweet, Huobi stated:
“On Feb 22 at 17:35 (GMT+8), the Huobi Security team monitored that #ECAF (EOS Core Arbitration Forum) blacklisted accounts had a sudden flow of assets into Huobi accounts. These $EOS accounts have subsequently been frozen, including important assets related to these accounts.”
Due to the hack, EOS42 has made a new proposal that suggests BPs nullify keys of blacklisted accounts. This would mean the end of veto power to a single BP on the EOS mainnet. Reportedly, the new proposal is much more effective than a “broken blacklist.” It also allows an account to be saved and returned to its apt owner.
The EOS system allows for 21 BPs who can be replaced by other candidates through constant voting process. This was done as per the ECAF orders.
EOS launched its mainnet last year in June. Since then, this platform has faced various challenges. In September 2018, hackers managed to steal about $58,000 worth of token from exchange Newdex. Reportedly, these hackers issued 1 billion units of token called “EOS.” The exchange later realized that the hackers had issued 11,800 fake EOS.
In the same month, an EOS-based platform lost $250,000 worth of EOS coins after unknown people attacked its platform.
The Genesis protocol upgrade on February 4, 2020 is a monumental step in the history of Bitcoin, and will see BSV returned as close as possible to the original protocol as envisioned by Satoshi Nakamoto. Visit the Genesis Hard Fork page to learn more.
To receive the latest CoinGeek.com news, special discounts on CoinGeek Conferences and other inside information direct to your inbox, please sign up for our mailing list.