HomeCryptocurrency News2.09 Million EOS Stolen from Hacked Account

2.09 Million EOS Stolen from Hacked Account

| Publish date: 02/26/2019
Share

EOS Tokens

According to a post on Telegram on February 23 by EOS42, an EOS block producer, an unknown hacker was able to move 2.09 million EOS (worth about $7.7 million) from a hacked account. According to the post, this was possible because another EOS block producer had allegedly failed to update his blacklist.

Following Procedure

The EOS Blockchain has a protocol that requires all of its Block Producers (BPs) to blacklist a compromised account. However, all of the top 21 BPs have to update their blacklists for the account to be frozen. If even one BP does not update their blacklist, then the account remains operational.

On February 22, a new EOS BP called games.eos reportedly omitted to update the blacklist for EOS’ Mainnet accounts. This led to one of the account holders to lose 2.09 million EOS.

Huobi to the Rescue

After the cryptocurrency was stolen from the account, global cryptocurrency exchange Huobi stepped in to help. The exchange’s security team noticed EOS cryptos pouring into a certain number of its accounts. These assets were coming in from EOS accounts.

Changelly - Exchange cryptocurrency at the best rate

ECAF (EOS Core Arbitration Forum) had already provided a list of blacklisted accounts to cryptocurrency exchanges, which meant that Houbi’s team was able to identify the accounts the digital assets were coming in from. Thus, the exchange froze the accounts as well as the assets in those accounts. The company announced this via a Tweet on February 23.

While Huobi may have frozen some of the funds that were transferred out of the hacked EOS account, there is no guarantee that all the funds were transferred to the cryptocurrency exchange.

The upside is that now that Huobi has raised the alert about stolen EOS funds, other cryptocurrency exchanges may also freeze accounts that show suspicious activity. And while other exchanges have not commented on this situation, it is common practice for the platforms to freeze accounts when an attack is detected.

Change in Protocol

After this theft, EOS42 submitted a new proposal – to change the current protocol. According to the BP, keys of blacklisted accounts should be nullified rather than asking block producers to veto those accounts.

According to this BP, nullifying the compromised account would be a more effective measure rather than facing another failed blacklist. Added to that, to nullify the account, the participation of only 15 of the 21 block producers would be required.

EOS42 also states that an account can still be saved and then returned to the owner once the threat has been eliminated.

No decision has been taken on what action should be taken at this time.

Share

Related Posts

Tiberius Offering New Crypto Backed by Metals
Tiberius Group AG, the Swiss commodities trader and asset…
Read more
Millions Worth Of Crypto Stolen Using Telecoms...
Earlier this month, an American investor by the name…
Read more
Circle Saw $24 Bn in Trading Volume...
Circle, the OTC (over-the-counter) trading desk, saw $24 billion…
Read more

Leave a Comment