Critical RCE Flaw Discovered in Blockchain-Based EOS Smart Contract System

Security researchers have discovered a series of new vulnerabilities in the EOS blockchain platform, one of which could allow remote attackers to take complete control over the node servers running critical blockchain-based applications.

EOS is an open source smart contract platform, known as 'Blockchain 3.0,' that allows developers to build decentralized applications on top of blockchain infrastructure, much like Ethereum.

Discovered by Chinese security researchers at Qihoo 360 (Yuki Chen of the Vulcan team and Zhiniang Peng of the Core security team), the vulnerability is a buffer out-of-bounds write issue that resides in the function node servers use to parse contracts.

To achieve remote code execution on a targeted node, all an attacker needs to do is upload a maliciously crafted WASM file (a smart contract written in WebAssembly) to the server.
As soon as the vulnerable parser process reads the WASM file, the malicious payload executes on the node, which could then also be used to take control of a supernode in the EOS network, that is, one of the servers that collect transaction data and pack it into blocks.
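As an added illustration of the bug class the article describes (an out-of-bounds write while a node loads a contract), the following constructed C example shows the kind of bounds check a WASM loader needs before copying a data segment into a module instance's linear memory; it is not the EOS or nodeos code and does not reproduce the reported flaw, and the types, function names and one-page layout are assumptions.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

#define WASM_PAGE_SIZE 65536u /* WASM linear memory is sized in 64 KiB pages */

/* Minimal stand-in for a module instance's linear memory (constructed type,
 * not the EOS/nodeos implementation). */
typedef struct {
    uint8_t *base; /* buffer backing linear memory */
    size_t   size; /* bytes allocated: pages * WASM_PAGE_SIZE */
} linear_memory_t;

/* Does a segment of len bytes at offset fit inside mem_size? Returns 1 when it
 * fits, 0 otherwise. Length is checked first so mem_size - len cannot underflow
 * and an untrusted offset near 2^32 cannot wrap past the end of the buffer. */
int segment_fits(size_t mem_size, uint32_t offset, size_t len)
{
    if (len > mem_size) return 0;
    return (size_t)offset <= mem_size - len;
}

/* Copy one data segment into linear memory, rejecting anything that would
 * write past the buffer. Returns 0 on success, -1 when the segment is rejected. */
int load_data_segment(linear_memory_t *mem, uint32_t offset,
                      const uint8_t *data, size_t len)
{
    if (mem == NULL || mem->base == NULL || (data == NULL && len > 0)) return -1;
    if (!segment_fits(mem->size, offset, len)) return -1;
    memcpy(mem->base + offset, data, len);
    return 0;
}

/* Driver: one 64 KiB page and one constructed segment of 0xAA bytes at the
 * given offset. Returns load_data_segment's result, -1 if allocation fails. */
int try_load_one_page(uint32_t offset, size_t len)
{
    linear_memory_t mem = { calloc(WASM_PAGE_SIZE, 1), WASM_PAGE_SIZE };
    uint8_t *seg = malloc(len ? len : 1);
    int rc = -1;
    if (mem.base != NULL && seg != NULL) {
        memset(seg, 0xAA, len);
        rc = load_data_segment(&mem, offset, seg, len);
    }
    free(seg);
    free(mem.base);
    return rc;
}
```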

"With the out of bound write primitive, we can overwrite the WASM memory buffer of a WASM module instance," the duo explained in their blog post published today.

"And with the help of our malicious WASM code, we finally achieve arbitrary memory read/write in the nodeos process and bypass the common exploit mitigation techniques such as DEP/ASLR on 64-bit OS. Once successfully exploited, the exploit starts a reverse shell and connects back to the attacker."

Once the attackers gained control over the supernode, they could eventually "pack the malicious contract into the new block and further control all nodes of the EOS network."

Since the super node system can be controlled, the researchers said the attackers can "do whatever they want," including controlling virtual currency transactions and acquiring other financial and private data held by the node systems participating in the EOS network, such as exchange digital currency, users' keys stored in wallets, key user profiles, private data, and much more.

"What's more, the attacker can turn a node in the EOS network into a member of a botnet, launch a cyber attack or become a free 'miner' and dig up other digital currencies," the researchers told THN.

The researchers have detailed how to reproduce the vulnerability and also released a proof-of-concept exploit, along with a video demonstration, which you can watch on their blog post.

The exploit demonstrated by the 360Vulcan researchers can bypass multiple default security mitigation measures to achieve complete control over the super node running the malicious contract.

The pair responsibly reported the vulnerability to the maintainers of the EOS project, who have already released a fix for the issue on GitHub.

"In Blockchain networks and digital currency systems, there are many attack surfaces existing in nodes, digital wallets, mining pools and smart contracts. 360 security team has previously discovered and disclosed multiple relevant high risk vulnerabilities,"

The researchers believe this new type of vulnerability affects not only EOS but also other blockchain platforms and virtual currency applications.