Discovered in Blockchain-Based EOS Smart Contract System
Security researchers have discovered a series of new vulnerabilities in EOS blockchain platform, one of which could allow remote hackers to take complete control over the node servers running the critical blockchain-based applications.
EOS is an open source smart contract platform, known as 'Blockchain 3.0,' that allows developers to build decentralized applications over blockchain infrastructure, just like Ethereum.
Discovered by Chinese security researchers at Qihoo 360—Yuki Chen of Vulcan team and Zhiniang Peng of Core security team—the vulnerability is a buffer out-of-bounds write issue which resides in the function used by nodes server to parse contracts.
To achieve remote code execution on a targeted node, all an attacker needs to do is upload a maliciously crafted WASM file (a smart contract) written in WebAssembly to the server.
As soon as the vulnerable process parser reads the WASM file, the malicious payload gets executed on the node, which could then also be used to take control over the supernode in EOS network—servers that collect transaction information and pack it into blocks.
Once the attackers gained control over the supernode, they could eventually "pack the malicious contract into the new block and further control all nodes of the EOS network."
Researchers have detailed how to reproduce the vulnerability and also released a proof-of-concept exploit, along with a video demonstration, which you can watch on their blog post.
The exploit demonstrated by the 360Vulcan researcher can bypass multiple default security mitigation measures to achieve complete control over the super node running the malicious contract.
The pair responsibly reported the vulnerability to the maintainers of the EOS project, and they have already released a fix for the issue on GitHub.
The researchers believe the new type of vulnerabilities affect not only EOS alone but also other types of Blockchain platforms and virtual currency applications.