Since the time cryptocurrencies have become popular and have gained value, hackers have been pretty active in exploiting vulnerabilities of blockchains and stealing coins. The latest victim that has fallen prey to hackers is NEO. According to the latest Weibo Post, Tencent Security Joint Labs has pointed out a vulnerability in NEO’s network which hackers are exploiting to steal coins remotely.
Vulnerability might slow down NEO’s roadmap project
NEO is one of the popular cryptocurrencies and has been often referred to as the “Chinese Ethereum” due to its similarity with Ethereum which allows developers to create smart contracts and decentralized applications. But the latest revelation by Tencent Security labs may take some limelight from NEO. According to the Weibo post by Tencent Security Joint Lab (loosely translated from Chinese) states
“[Burst] Blockchain re-explosive money crisis! @腾讯湛泸Lab Monitoring the famous blockchain project NEO (corresponding to the digital currency “small ant coin”) has the risk of remote piracy. When a user starts the NEO network node with the default configuration and opens the wallet, the digital currency may be remotely stolen. Tencent Security Zhanyi Lab has submitted a risk warning to the NEO development community and reminded NEO node maintainers and “small ant coin” holders to pay attention to wallet security, update the client version in time, and pay attention to abnormal transfer behavior”
The post also gives out some solutions through which users can avoid being hacked, but still, the warning asks users to pay attention to abnormal transfer behaviors
“Currently, small ant holders can avoid attacks by adopting the following schemes:
- Upgrade to the highest version of the NEO-CLI client program;
- Avoid using the remote RPC function, modify the address of BindAddress in the configuration file to 127.0.0.1;
- If you have special requirements, you must use the remote RPC function. You should ensure the security of the node by modifying the RPC port number, enabling the Https-based JSON-RPC interface, and setting the firewall policy.”
NEO that was touted to be one of the biggest success stories of cryptoworld may have hit a roadblock. There is no official announcement of the same from NEO and hence its difficult to determine how many coins have already been stolen. But one thing is for sure NEO will have to soon come with a solution to patch this up if it really wants to live up to promises of the community
Will NEO be able to overcome this vulnerability and patch it up soon? DO let us know your views on the same.