A bug has reportedly been discovered in the NEO (NEO) network that opens wallet owners up to remote attacks that could drain their funds.
First discovered by Chinese tech giant Tencent’s (TCEHY) security lab, the vulnerability exists when a new wallet owner starts off with the default configurations, which allows hackers to remotely access the coins.
Monitoring the famous blockchain project NEO (corresponding to the digital currency “small ant coin”) has the risk of remote piracy. When a user starts the NEO network node with the default configuration and opens the wallet, the digital currency may be remotely stolen. Tencent Security Zhanyi Lab has submitted a risk warning to the NEO development community, and reminded NEO node maintainers and “small ant coin” holders to pay attention to wallet security, update the client version in time, and pay attention to abnormal transfer behavior.
In order to defend against the bug, Tencent has published the following advice:
- Upgrade to the highest version of NEO-CLI client program.
- Avoid using remote RPC function, modify the address of BindAddress in the configuration file to 127.0.0.1
- if you have special needs, have to use remote RPC functions, should be taken to modify the RPC port number, enable HTTPS of the JSON-RPC-based interface, set firewall policies, etc. to protect the security node.
The NEO team has yet to comment publicly on the discovery, but the news has seemingly not shaken investors as NEO is fairly flat on the weekend to $8.12. The project’s $526.1 million market cap makes it the 16th largest coin in the AltDex 100 Index (ALT100), a benchmark index for the top-100 large-cap cryptocurrencies.
Interesting: NEO-Based DEX Switcheo Adds 19 More ERC-20 Tokens
Disclaimer: This article’s author has cryptocurrency holdings that can be tracked here. This article is for informational purposes only and should not be taken as investment advice. Always conduct your own due diligence before making investments.