NEO, a major cryptocurrency with a market cap in excess of USD 500 million and USD 100+ million of daily trading volume, apparently has a critical bug that allows hackers to remotely steal cryptocurrency. Tencent Security Labs, the security branch of Chinese internet giant Tencent, identified this bug and has issued guidelines on how to patch it to avoid losses of cryptocurrency.
When a user starts a node on the NEO network with the default configuration, they are at risk of hackers stealing their cryptocurrency remotely. NEO is a blockchain platform that is popular for developing scalable decentralized applications (Dapps), much like Ethereum, so users who are susceptible to this bug are at risk of losing tokens issued via the NEO platform, in addition to the NEO token itself. Tencent Security Labs issued a warning to the NEO developers and the community about this bug and, in general, warned users to always update to the most recent software and pay attention to abnormal transfer behavior.
This bug can be patched by upgrading to the most recent version of the NEO-CLI client program, avoid using the RPC function, and modifying the address of BindAddress in the configuration file to 127.0.0.1. If someone must use RPC, then they should change the RPC port number, enable the https-based JSON-RPC interface, and set the firewall policy.
NEO is often referred to as the ‘Chinese Ethereum‘ and has a large userbase in Asia and numerous Dapps. The cryptocurrencies NeoGas (similar to Ethereum Gas), THEKEY, Wowbit, Red Pulse Phoenix and scores of others run on the NEO blockchain. Users of these cryptocurrencies must be aware of this bug and take appropriate steps to patch it.
Follow BitcoinNews.com on Twitter: @bitcoinnewscom
Telegram Alerts from BitcoinNews.com: https://t.me/bconews
Want to advertise or get published on BitcoinNews.com? – View our Media Kit PDF here.
Image Courtesy: Pixabay
