Tencent Specialists Found Vulnerability In NEO Network
Employees of the digital security department of Tencent, the Chinese technology company, have found a vulnerability in the NEO network that allows attackers to remotely transfer tokens from users’ wallets. The developers reported about this in the Weibo Chinese social network.
The Tencent cybersecurity experts have urged users who are holding the system nodes to change the addresses of their wallets in a manual mode, as well as update the client's default settings and download the latest version of the software. At the same time, the developers advised stopping the program from trying to carry out remote processes or change channels for performing of RPC functions.
Erik Zhang, a core developer of NEO, acknowledged the existence of the vulnerability. However, he noted that most of the users would not face this problem since they do not use specific functions.
It is not the first case of loopholes detection in the NEO security system. In May 2018, some vulnerabilities were noticed in the smart contract code of the network that affected the digital tokens of the NEP-5 standard. Hackers got the opportunity to change the totalSupply settings, which would allow them to burn user tokens or change the displayed amounts of funds in the accounts.
As previously reported, intruders managed to hack the crypto wallet of the BitPay payment company due to a vulnerability in a third-party module.