3619 Ethereum token contracts at risk of the "false recharge" vulnerability? Learn about smart contract vulnerabilities
芦荟
2018-07-11 05:54
This article is about 1741 words; reading the full text takes about 7 minutes.
Behind the security of the crypto world, the programmer is the ultimate boss.

Following the "false recharge" vulnerability in USDT, SlowMist Zone has now exposed the same class of vulnerability in Ethereum tokens.

According to news from SlowMist Zone today, the "false recharge" vulnerability in Ethereum tokens is currently widespread: the centralized exchanges, centralized wallets and token contracts involved are all affected. By incomplete statistics, 3619 token contracts carry the risk of "false top-up", including many well-known tokens. SlowMist also emphasized that the vulnerability has already been exploited in real attacks, and urged the relevant project parties to conduct self-examination as soon as possible. On July 9, SlowMist Zone had issued an early warning of "false recharge" attacks against Ethereum tokens.

According to the disclosed details, when a user makes a transfer, the transfer function of some token contracts uses an "if" judgment to check the balance of the transfer initiator (msg. This is not a rigorous coding method for this function scenario: such loose coding is a security flaw that can lead to security problems in special scenarios. An attacker can use a flawed token contract to initiate recharge (deposit) operations against centralized exchanges, wallets and other service platforms; if the exchange only checks that the TxReceipt Status is success, it may consider the recharge successful and thus produce a "false recharge", a "fake transaction".

For the fix, SlowMist Zone believes the best approach for vulnerable tokens is to reissue the token and then "map" old tokens to new ones. In addition, exchanges, platform parties and token contract parties should all assume their security responsibilities. Exchanges should not only judge whether the transaction succeeded but also judge whether the balance of the recharge wallet address has increased by exactly the expected amount; for platform parties, a security audit; token contract parties should strictly implement security best practices and engage a third-party professional security audit agency to complete a rigorous and complete security audit.
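To make the two halves of the advisory concrete, here is an added Python model (not code from SlowMist or from any real token contract) of a token transfer written with a loose "if" guard versus one that reverts, beside an exchange deposit monitor that credits on TxReceipt Status alone versus one that also demands the expected balance increase. The token names, balances and the Receipt shape are constructed for the example.

```python
from dataclasses import dataclass


@dataclass
class Receipt:
    status: int            # TxReceipt Status: 1 = success, 0 = reverted
    transfer_logged: bool  # whether a Transfer event was emitted


class Token:
    """Toy ERC-20-style ledger; the two transfer variants differ only in how a failed balance check ends."""

    def __init__(self, balances):
        self.balances = dict(balances)

    def transfer_if(self, sender, to, value):
        # Flawed pattern: an `if` guard that returns false on insufficient balance.
        # The transaction itself still succeeds (status 1) although nothing moved.
        if self.balances.get(sender, 0) >= value:
            self.balances[sender] -= value
            self.balances[to] = self.balances.get(to, 0) + value
            return Receipt(status=1, transfer_logged=True)
        return Receipt(status=1, transfer_logged=False)

    def transfer_require(self, sender, to, value):
        # Hardened pattern: require()/revert, so insufficient balance fails the whole transaction.
        if self.balances.get(sender, 0) < value:
            return Receipt(status=0, transfer_logged=False)
        self.balances[sender] -= value
        self.balances[to] = self.balances.get(to, 0) + value
        return Receipt(status=1, transfer_logged=True)


def credit_status_only(receipt, value):
    """Naive exchange logic: credit the deposit whenever TxReceipt Status is success."""
    return value if receipt.status == 1 else 0


def credit_balance_delta(token, hot_wallet, before, receipt, value):
    """Hardened exchange logic: also require the deposit address balance to grow by exactly `value`."""
    grew_by = token.balances.get(hot_wallet, 0) - before
    return value if receipt.status == 1 and grew_by == value else 0


def simulate_deposit(transfer_variant, attacker_balance, value=1000):
    """Return (naive_credit, hardened_credit) for one deposit of `value` into the exchange hot wallet."""
    token = Token({"attacker": attacker_balance, "exchange": 0})  # constructed sample balances
    before = token.balances["exchange"]
    receipt = getattr(token, transfer_variant)("attacker", "exchange", value)
    return credit_status_only(receipt, value), credit_balance_delta(token, "exchange", before, receipt, value)
```

With a zero-balance sender, simulate_deposit("transfer_if", 0) yields (1000, 0): the status-only monitor credits a deposit that never happened, while the balance-delta check credits nothing.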

After the vulnerability details were released, IOST officials stated (as of press time) that none of its partner exchanges is at risk of "false recharge".

Looking back at the USDT "false recharge" vulnerability in June, the vulnerability logic is the same: the attacker likewise exploited flaws in the exchange's judgment logic for USDT transfers to maliciously construct false transfers and steal exchange tokens.

The essence of a smart contract is a piece of code running on the blockchain network that carries out the business logic assigned by the user. As smart contract vulnerabilities become more frequent, their security issues have gradually attracted public attention. According to RatingToken statistics, 4W to 18W (40,000 to 180,000) new smart contracts are currently deployed across the blockchain world every day, and according to the "Blockchain Industry Security Analysis Report" of the Baimaohui Security Research Institute, security problems caused by smart contracts have already incurred losses of $1.24 billion, accounting for 43.3% of total losses.

In June 2016, TheDAO, then the largest ICO at 150 million US dollars, was hacked through a "recursive call vulnerability" in its smart contract, resulting in the theft of $60 million worth of ether. Specifically, when a caller used the splitDAO function to withdraw DAO assets, the vulnerability allowed the function to illegally call itself again and repeat the process continuously. Such recursive calls let the attacker's DAO assets be split out of TheDAO's asset pool dozens of times before the attacker's DAO balance was finally cleared, which should have happened after the first split. This security scandal also led directly to a hard fork.

In 2018, new loopholes keep emerging. The token smart contract loopholes represented by SMT, BEC, EDU and BAI all arise in the transfer logic as "integer overflow vulnerabilities", which can lead to unlimited issuance or arbitrary transfer of tokens.

Taking BeautyChain (BEC) as an example, hackers exploited the data overflow in the BatchOverFlow vulnerability of its Ethereum ERC-20 smart contract to attack the BEC contract, generating a huge number of tokens that did not exist in the contract by means of a transfer and sending them to a normal account. The tokens received in that account could then be transferred to an exchange and traded normally, no different from real tokens.
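As an added illustration of the overflow class described above (my own Python emulation, not BEC's contract code), the block below models a batch-transfer routine whose total is computed as cnt * value in wrapping uint256 arithmetic, beside a SafeMath-style version that rejects the overflow. The function names, receiver list and balances are constructed for the example; the require conditions follow the commonly described batchTransfer pattern and are an assumption about its shape.

```python
MOD = 2 ** 256            # EVM uint256 arithmetic wraps modulo 2**256
UINT256_MAX = MOD - 1


def batch_transfer_unchecked(balances, sender, receivers, value):
    """Emulates the flawed pattern: cnt * value wraps in uint256 before the balance check.
    Returns the (wrapped) amount actually debited from `sender`."""
    cnt = len(receivers)
    amount = (cnt * value) % MOD          # unchecked multiply: can wrap to a tiny number
    if not (0 < cnt <= 20 and value > 0 and balances.get(sender, 0) >= amount):
        raise ValueError("require failed")
    balances[sender] = balances.get(sender, 0) - amount
    for r in receivers:
        balances[r] = (balances.get(r, 0) + value) % MOD
    return amount


def batch_transfer_checked(balances, sender, receivers, value):
    """Hardened version: SafeMath-style multiplication that reverts on overflow."""
    cnt = len(receivers)
    amount = cnt * value
    if amount > UINT256_MAX:              # SafeMath.mul would assert(c / a == b) here
        raise OverflowError("uint256 overflow in cnt * value")
    if not (0 < cnt <= 20 and value > 0 and balances.get(sender, 0) >= amount):
        raise ValueError("require failed")
    balances[sender] = balances.get(sender, 0) - amount
    for r in receivers:
        balances[r] = balances.get(r, 0) + value
    return amount


def demo(variant):
    """Sender with zero balance sends 2**255 to two receivers.
    Returns (debited, first receiver balance) on success, else the exception name."""
    balances = {"attacker": 0}            # constructed sample ledger
    try:
        debited = variant(balances, "attacker", ["r1", "r2"], 2 ** 255)
    except (ValueError, OverflowError) as e:
        return type(e).__name__
    return debited, balances["r1"]
```

demo(batch_transfer_unchecked) returns (0, 2**255): the wrapped total of zero passes the balance check and each receiver is credited 2**255 tokens from nothing, while demo(batch_transfer_checked) returns "OverflowError".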

In addition, Loi Luu and others from the National University of Singapore have also identified the transaction order dependency vulnerability: during smart contract execution, different output results may be produced depending on the order in which initiators' function calls are executed, forming business-logic loopholes.

Regarding the loopholes in current smart contracts, Zhang Wenjun, technical director of Block Fengbao Lab

(I am Aloe Vera, a reporter from Odaily. Please add WeChat 1012387983 for breaking news and communicating. Please note your name, unit, position and reason.)

