A Bug In NEO’s Blockchain Allows Hackers To Withdraw Users’ Tokens Remotely
Cybersecurity specialists from the Chinese technology giant Tencent have discovered a bug in NEO Blockchain that allows hackers to remotely steal tokens from users’ wallets.
Tencent recommends that node holders update the default configuration to the latest available version of the software and manually change the wallet address.
At the same time, experts advise to change the port of RPC-functions.
However, the main developer of NEO Protocol Eric Zhang said that the claimed vulnerability would not affect ordinary users, because they did not use specialized functions.
Recall that in May, a vulnerability with a limited degree of risk was discovered in the code of NEO smart contracts, which affected several tokens of the NEP-5 standard. Changing the totalSupply parameter in a contract, the attacker was able to burn a certain number of tokens or to increase the displayed number.