Vulnerability Discovered in NEO Tokens

One of the largest cryptocurrencies with a billion dollar market cap has discovered a vulnerability in its code

by Kyzmoff
22 May • 1 min
In Coins
NEO Global Development (NGD), the organisation behind one of China’s biggest cryptocurrencies, disclosed over the weekend that a vulnerability within NEO tokens has been detected. The vulnerability was found by security audit company Red4Sec in the code of some NEP-5 smart contracts, but the NEO blockchain was not affected, NGD said in a statement.
“There are several NEP-5 tokens affected by this issue. By exploiting this vulnerability, an attacker could make changes to the contract storage. An attacker can burn a certain amount of tokens and change the status of totalSupply within the contract. However, such an attack can only change the show value of totalSupply. It will not change the actual supply volume. In addition, the cost of this attack would be very high. Therefore, we consider the risk of damage from this attack very limited,” the statement reads.
According to reports, NEO acted on a quick notice and thus managed to reduce risk to any third parties involved in the most effective way possible. Anybody who has been or could be affected by this should contact NEO or take actions in order to update and secure a fix.

“NGD has already reached out to all concerned projects and informed them of the issue, along with releasing development guidance on how to address this vulnerability. NGD suggests project teams to use the contract upgrade API on the NEO fundamental layer to upgrade the affected smart contract,” it said.
It is important that when such issues arise they are dealt with in an efficient manner in order to protect the network. In this specific case, it appears that the NEO team reacted appropriately and controlled any potential damage, as a result of this, the news of the vulnerability had a bad or volatile impact on the price of NEO tokens.