Main page News, EOS

A detected bug causes problems for EOS users. Vulnerability allows to block their valuable network resources without any authorization. The EOS team was already looking for a solution to the problem. For now, users have to deal with vulnerability on their own.

“A malicious user can install code on their account which will allow them to insert [table] rows in the name of another account sending them tokens. This lets them steal RAM by inserting large amounts of garbage into [table] rows when dApps/users send them tokens,” the EOSEssentials team explained.

A user can become a victim only if he has performed a transaction on a malicious address. The beneficiaries of the transfer are not subject to the attack. The stolen RAM resources are blocked, which prevents them from being transferred to another account, sold or returned to the owner.

WHY IS IT IMPORTANT?

  • EOS developers suggested using proxy servers acting as intermediaries, accounts without access to RAM, in order not to fall for the bait of intruders.
  • At the moment, users need to edit the code for their own security before the official correction from the EOS team.
  • The developers noted that no decentralized application should have the right to add resources without a mechanism for their return. In the long term, this will lead to the emergence of thousands of accounts that store garbage RAM.
Read also:
Please describe the error
Close