On Sunday, the popular OKEx exchange has suspended the withdrawal and trading of BeautyChain tokens (BEC), citing "anomalous activity". Coinmonks made an investigaton on its activity.
Coinmonks had developed an automated system for scanning suspicious translations of ERC20-tokens, which sent a distress signal on April 22.
As it turned out, someone stole 8 vigintillions (value with 63 zeros) of BEC from the smart contract.
A more detailed study of the contract revealed a previously unknown vulnerability, which members of the Coinmonks community called batchOverflow.
The vulnerable function is located in batchTransfer and the code is shown in Figure 2. As indicated in line 257, the amount local variable is calculated as the product of cnt and _value. The second parameter, i.e., _value, can be an arbitrary 256 bits integer, say 0x8000,0000,0000,0000,0000,0000,0000,0000,0000,0000,0000,0000,0000,0000,0000,0000(63 0’s). By having two _receivers passed into batchTransfer(), with that extremely large _value, we can overflow amountand make it zero. With amount zeroed, an attacker can then pass the sanity checks in lines 258–259 and make the subtraction in line 261 irrelevant. Finally, here comes the interesting part: as shown in lines 262–265, the balance of the two receivers would be added by the extremely large _valuewithout costing a dime in the the attacker’s pocket!
Researchers also were able to repeat this operation with another smart contract, the tokens of which are not traded on the exchanges, and found a number of other contracts with a defect, to which tokens are traded on trading floors.
They tried to warn the owners of smart contracts about the vulnerability, but the practice of Ethereum "code-is-the-law" makes this process difficult.
A special problem is vulnerability for decentralized exchanges, because they can not even stop the attack.