Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
The well-known public chain NULS suffered a hacker attack and lost nearly $480,000 worth of NULS tokens. The SlowMist security team analyzed and found that the reason for the attack was that there was a loophole in the NULS transaction signature verification algorithm. The hacker bypassed the signature verification by using a carefully constructed transaction, transferred the tokens of the team account, and then some tokens were thrown into the market. , At present, major exchanges have suspended the deposit and withdrawal of NULS. After the attack, the official urgently checked the problem, carried out problem repair and code testing, and then released a new version of the program, and scheduled a hard fork at the height of 878000 (about noon on December 25th, Beijing time) to freeze other tokens that have not flowed into the market. Attack method (per SlowMist): Vulnerability in transaction signature verification algorithm. Reported loss: $ 480,000.
- chain
- —
- protocol
- NULS
- bug_class
- unknown
- date_occurred
- 2019-12-23
- loss_usd
- $480,000
- source_id
- sm:nuls::2019-12-23