An EOS mainnet security breach has allowed a hacker to steal $7.7 million worth of EOS.
A Telegram post by EOS block producer EOS42 outlined how one of 21 block producers (BPs) did not update a blacklist – a feature that requires BPs to ban compromised EOS mainnet accounts.
The Telegram post read: “On Feb 22, 2019, a new Active BP (games.eos) did not update the blacklist for EOS mainnet accounts.
“The blacklist is used to freeze accounts that were hacked. Due to the blacklist not being updated, an attacker from one of these frozen accounts managed to transfer 2.09 million EOS.”
Block producer is a term used to describe the most efficient miners of the EOS cryptocurrency.
A BP dubbed ‘games.eos’ reportedly did not update the blacklist.
“At the moment, for the blacklist to function, all BPs need to update the blacklist manually,” the Telegram post added.
“Only one blacklist not updated will bypass this.”
EOS42 is a web-based community of EOS cryptocurrency owners.
The Huobi exchange froze accounts the hacker sent funds to.
Huobi tweeted: “On Feb 22 at 17:35 (GMT+8), the Huobi Security team monitored that #ECAF (EOS Core Arbitration Forum) blacklisted accounts that had a sudden flow of assets.
“These $EOS accounts have subsequently been frozen, including relevant assets related to these accounts.”
The EOS platform was developed by private company block.one and released as open source software on June 2nd 2018.
One billion tokens were distributed on the Ethereum blockchain by block.one.
Block.one has been approached for a comment.
George Town, Grand Cayman, 22nd November 2024, Chainwire
Las Vegas, US, 1st November 2024, Chainwire
From digital art to real-estate assets, NFTs have become a significant attraction for investors who…
Singapore, Singapore, 21st October 2024, Chainwire
HO CHI MINH, Vietnam, 17th October 2024, Chainwire
London, UK, 16th October 2024, Chainwire