The internet security giant 360 has posted a blog on Weibo, the leading social media platform of China that claims to have find high-risk security vulnerabilities in EOS platform. This has been reported to its officials as well which might postpone EOS MainNet launch. The news has the EOS Reddit community in an uproar claiming it to be a FUD. However, latest news suggests that the issues have already been resolved.
360 finds high-risk security vulnerabilities in EOS platform
The Vulcan team of the Chinese internet security giant 360 has discovered a series of high-risk security vulnerabilities in the EOS platform. An official blog has been posted on the Weibo that confirms that it has been
“verified that some of these vulnerabilities can remotely execute arbitrary code on the EOS node.”
Moreover, remote attacks on its blockchain platform can directly control it and take over all the nodes that are running on EOS coin. According to the post, 360 has already reported to the EOS officials.
Also, as per the blog,
“The person in charge of the EOS network said that the EOS network will not be officially launched until these issues are fixed.”
The blog further explains that these vulnerabilities can be exploited to cause privacy and data leaks along with cyber attacks.
Talking about the criticality of the situation, it states because of the node system being completely controlled, the attack can “do whatever it wants”. This could be controlling the transaction on EOS network, acquiring privacy data like user’s key and so much more.
“the attacker can turn a node in the EOS network into a member of a botnet, launch a cyber attack or become a free “miner” and dig up other digital currencies.”
According to the local Chinese media source, the problem has been resolved as stated:
“EOS network is being repaired. Around 2 o’clock on the 29th, EOS has completed repairs.”
EOS Reddit community goes into hyper mode
This news created an uproar on the Reddit, as people commenting it to be a FUD. One Redditor tianyangj said:
“I just checked EOS Github issues and I don’t see any mentions of this bug. How did the 360 team submit their issue and who did they submit to?”
But some took it in a positive manner as ypp stated,
“I think there is no cause for panic – if there is indeed a legitimate security concern, it is fortunate that they found about it before the mainnet launch. I’ll keep holding my EOS as usual and just wait for block.one’s official response.”
Another Redditor, sc1zi shared:
“I think this is a good thing that Chinese firm help Block.one found the possible serious bug. And if this is true, I am confident that Dan’s team will fix it soon. Let’s wait for Dan’s response.”
“So now they go and fix it so its not an issue….good to know, but thats what makes open source great.”
Though there is no official confirmation yet, for the delayed MainNet Launch, tokyo_on_rails, commented:
“Please delay as much as necessary to avoid a catastrophic launch that will damage the entire industry. All chains must work together to avoid disaster, rather than race each other to finish lines.”
Right now, EOS price is riding at $11.26 registering the loss of about $6.73 percent in the last 24 hours.
What are your views on the vulnerabilities found by 360 on EOS platform? Do you think it is a fact and could postpone the MainNet launch? Share your thoughts with us!