OKEx, the third largest cryptocurrency exchange in the world by trade volume, has suspended all ERC20 token deposits after discovering a new smart contract bug dubbed "BatchOverFlow.”
“By exploiting the bug, attackers can generate an extremely large amount of tokens, and deposit them into a normal address. This makes many of the ERC-20 tokens vulnerable to price manipulations of the attackers,” the trading platform said.
OKEx said the deposits will be suspended until the bug is fixed. The platform has contacted the affected token teams to conduct investigation and take necessary measures to prevent the attack.
“If you have already made a deposit request, your funds will arrive safely after our deposit service resumed. We apologize for any inconvenience caused,” the exchange said.
The news comes one day after Ethereum (ETH/USD) wallet service MyEthereWallet (MEW) was hacked.
At least 215 ETH (worth around $150,000) was transferred to the hacker’s wallet which was then moved to another address.
By Siranush Ghazanchyan