Chinese Internet security firm 360 announced on Tuesday it has discovered a series of high-risk security vulnerabilities in the platform of EOS, a blockchain operating system for commercial-scale decentralized applications (dApps).
In a post on Chinese microblogging website Weibo, 360 said it has verified that some of these vulnerabilities provide for arbitrary code to be executed remotely on EOS nodes. Such remote attacks can directly take control over all nodes running on EOS.
The weaknesses in the software may lead to cyber attacks, causing data and privacy leaks, and even the theft money. Due to the decentralized computing characteristics of blockchain networks, a security vulnerability in the implementation of a blockchain node may allow for a widespread attack.
According to 360, “the person in charge of the EOS network said that the EOS network will not be officially launched until these issues are fixed”. It was not immediately clear whether the problems will be resolved before the planned June 2 mainnet release date.
EOS is an open source blockchain platform for developing dApps, created by renown crypto pioneer Dan Larimer. Initially built on the Ethereum blockchain, EOS has scheduled to move onto its own blockchain late on Saturday (UTC) https://eoscountdown.com/.
360 noted that the bugs it has found in the smart contract virtual machine on the EOS platform present a series of unprecedented security risks that have not been seen by analysts and researchers before. It warned that this type of issues could affect not only EOS but also other similar types of blockchain platforms, cryptocurrencies, and dApps, so the digital money sector players should be more vigilant and work harder on increasing the security of the blockchain network if cryptocurrencies want to be widely adopted.
EOS, the fifth biggest digital coin with a market cap of nearly USD 10 billion, has lost more than 7% of its value to around USD 11 by 9:30 UTC. Although almost the whole cryptomarket is in red at the moment it would be no surprise if EOS experiences more short-term pressure due to the security problems.