Trading of ERC-20 Token Has Been Suspended on Multiple Exchanges

Multiple Exchanges Suspend ERC-20 Token Trading Due To Potential BatchOverflow Bug

0 379
  • A number of cryptocurrency exchanges have suspended trading of ERC20 Token.
  • A potential new smart contract bug called batchOverFlow triggered this action.

Crypto World: Report reaching revealed that multiple cryptocurrency exchanges have suspended the trading of ERC-20 Token due to the discovery of a potential bug. Poloniex cryptocurrency exchange has suspended deposits and withdrawals of all ERC-20 (Ethereum-based) tokens, HitBTC exchange has begun an internal investigation that took deposits and transfers of ERC-20 tokens offline, and OKEX has concluded its decision to stop the deposit of ERC-20 earlier today after a potential new smart contract bug called batchOverFlow was discovered.

Other cryptocurrency exchanges who moved to suspend deposits and withdrawals for all ERC-20 tokens due to the newly discovered bug include QUOINE, Changelly, and several others.

A Medium user, Ranimes, on 23rd April posted a blog titled, “New batchOverflow Bug in Multiple ERC20 Smart Contracts.” The blog detailed how “a previously unknown vulnerability in the contract” made it possible for “an attacker to possess a huge amount of tokens by exploiting these vulnerable contracts.”

The blog added that, due to the “code-is-law” principle which is utilized on the Ethereum Blockchain, “there is no traditional well-known security response mechanism in place to remedy these vulnerable contracts.”

Ranimes noted that developers that work with the contract with this vulnerability have been contacted, however, “other exchanges also need to be coordinated and there still exist other tradable tokens vulnerable to batchOverflow.” The post also mentioned that non-centralized crypto exchanges who employ offline trading services could be faced with another problem “as they cannot even stop attackers from laundering their tokens.”

John Huxtable, another Medium user posted a blog that he believes that “it’s worth noting that batch Transfer isn’t a standard ERC-20 function so only the contract owners which chose to implement it could be affected.”

The present problem with some ERC-20 tokens occurs just after MyEtherWallet announced yesterday that about $150k worth of Ether was stolen in a DNS hack.

You might also like