Major RCE Vulnerability Found in EOS Blockchain Smart Contract System

New Security Vulnerabilities Discovered in EOS Blockchain Platform

Recent findings by Chinese security researchers reveal a critical vulnerability in the EOS blockchain platform that could allow a remote attacker to take full control of the node servers running its blockchain applications. EOS, an open-source smart contract platform often referred to as “Blockchain 3.0,” lets developers build decentralized applications on blockchain infrastructure, much as Ethereum does.

The vulnerability, identified by Yuki Chen and Zhiniang Peng of the Qihoo 360 teams, is a buffer out-of-bounds write in the function that node servers use to parse smart contracts. Because the write is driven by attacker-supplied contract data, an attacker who exploits it can execute arbitrary code on the targeted node, which in turn puts the integrity of the whole EOS network at risk.

To achieve remote code execution, an attacker only needs to upload a maliciously crafted WebAssembly (WASM) file, the format in which EOS contracts are deployed, to a vulnerable server. As soon as the node’s parser processes the file, the malicious payload runs. This not only compromises that node but can also hand the attacker control of supernodes, the block-producing nodes of the EOS network that package transaction data into blocks.

The research team explained in their statement that “with the out-of-bounds write primitive, we can overwrite the WASM memory buffer of a WASM module instance.” They went on to describe how their malicious WASM code turns that primitive into the ability to read and write arbitrary memory in the node’s process. That combination is what defeats the standard mitigations: an arbitrary read reveals where code and data live, which is exactly what Address Space Layout Randomization (ASLR) is meant to hide, and an arbitrary write then lets the attacker redirect control flow without having to place executable code in data pages, which is what Data Execution Prevention (DEP) blocks.
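The article does not show the vulnerable function, so the following is an added illustration of the bug class it describes, not EOS or binaryen code. It models a hypothetical WASM runtime initialising a module's linear memory from the binary's data segments: the unchecked loader trusts the segment offset taken from the file and so writes past the end of the memory buffer into adjacent host state, while the hardened loader validates the range first. The buffer sizes, the `HOST` marker and the segment bytes are constructed for the demo.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical, simplified model of a WASM runtime applying a module's data
 * segments to linear memory.  Illustrative code only, not EOS/binaryen source. */

typedef struct {
    uint32_t       offset;  /* attacker-controlled: read straight from the WASM file */
    const uint8_t *data;    /* segment bytes, also from the file */
    size_t         len;
} data_segment_t;

/* Overflow-safe containment test: does [offset, offset+len) lie inside mem_size?
 * Written without computing offset+len, which could wrap around. */
int segment_fits(size_t mem_size, uint32_t offset, size_t len) {
    if (offset > mem_size) return 0;
    return len <= mem_size - offset;
}

/* VULNERABLE pattern: the offset is trusted, so a crafted module writes past
 * the end of linear memory into whatever the host allocated next. */
void apply_segment_unchecked(uint8_t *mem, const data_segment_t *seg) {
    memcpy(mem + seg->offset, seg->data, seg->len);
}

/* HARDENED pattern: validate before touching memory; -1 means reject the module. */
int apply_segment_checked(uint8_t *mem, size_t mem_size, const data_segment_t *seg) {
    if (!segment_fits(mem_size, seg->offset, seg->len)) return -1;
    memcpy(mem + seg->offset, seg->data, seg->len);
    return 0;
}

/* Demo harness.  One heap allocation holds a small stand-in for linear memory
 * (MEM bytes) followed by SENT bytes standing in for adjacent host state (a
 * pointer, a length field, a vtable ...).  Keeping both in one allocation lets
 * the out-of-bounds write land somewhere we can inspect rather than in
 * undefined territory. */
enum { MEM = 256, SENT = 4 };
static const uint8_t host_marker[SENT] = { 'H', 'O', 'S', 'T' };          /* constructed */
static const uint8_t payload[SENT]     = { 0xEF, 0xBE, 0xAD, 0xDE };      /* constructed */

/* Runs one loader against a segment whose offset == MEM, i.e. the first byte
 * past the end of linear memory.  Returns 1 if host_marker was overwritten,
 * 0 if it survived, -1 on allocation failure. */
static int run_loader(int checked, int *rc_out) {
    uint8_t *region = malloc(MEM + SENT);
    if (!region) return -1;
    memset(region, 0, MEM + SENT);
    memcpy(region + MEM, host_marker, SENT);

    data_segment_t seg = { MEM, payload, SENT };   /* crafted segment */
    int rc = 0;
    if (checked) rc = apply_segment_checked(region, MEM, &seg);
    else         apply_segment_unchecked(region, &seg);
    if (rc_out) *rc_out = rc;

    int clobbered = memcmp(region + MEM, host_marker, SENT) != 0;
    free(region);
    return clobbered;
}

int unchecked_loader_clobbers_host(void) { return run_loader(0, NULL); }

int checked_loader_rejects_and_preserves_host(void) {
    int rc = 0;
    int clobbered = run_loader(1, &rc);
    return clobbered == 0 && rc == -1;
}

int main(void) {
    printf("unchecked loader corrupts host state: %s\n",
           unchecked_loader_clobbers_host() ? "yes" : "no");
    printf("checked loader rejects module, host state intact: %s\n",
           checked_loader_rejects_and_preserves_host() ? "yes" : "no");
    printf("offset 0xFFFFFFF0 len 0x20 fits in a 64 KiB page: %d\n",
           segment_fits(65536, 0xFFFFFFF0u, 0x20));
    return 0;
}
```

The point of `segment_fits` is the order of the two comparisons: checking `offset + len <= mem_size` directly can wrap on 32-bit offsets and accept a segment that ends far outside the buffer, which is the kind of crafted input a contract parser has to expect.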

Once attackers control a supernode, they can tamper with many parts of the EOS network, including virtual currency transactions and the sensitive data held on participating nodes: exchange data, wallet keys, and user profiles.

The researchers also noted that compromised nodes could be enrolled in a botnet, used to launch further attacks, or abused for cryptocurrency mining. Their write-up gives a detailed methodology for reproducing the vulnerability and a proof-of-concept exploit, which lays out the technical details of the attack.

The EOS maintainers were notified promptly, and a fix has since been released on GitHub. The researchers stressed that bugs of this kind are not unique to EOS: any blockchain platform or cryptocurrency application that parses untrusted contract bytecode in native code faces the same risk.

Viewed through the MITRE ATT&CK framework, the attack maps to a few clear tactics. Uploading the crafted WASM file to a vulnerable node is Initial Access, specifically Exploit Public-Facing Application (T1190), and the code that runs when the parser processes it is Execution. Whether Persistence follows depends on what the attacker installs afterwards; the article only states that attackers can keep control of compromised nodes. The botnet and mining scenarios the researchers describe fall under Impact, notably Resource Hijacking (T1496).

This episode is a timely reminder for businesses and stakeholders building on blockchain technology to stay alert to threats that target the foundations of decentralized applications, in this case the node software itself rather than the contracts running on it.