Misconfigured EOS Nodes May Expose Private Keys

Attackers are trying to find nodes with this vulnerability
30 May 2018

Attackers are scanning the Internet for EOS nodes that can expose their private keys because of an incorrectly configured API, Bleeping Computer reports.

According to GreyNoise, the scanning began on Tuesday, and all of the suspicious activity comes from the IP address 185.169.231.209.

GreyNoise Intelligence Twitter

The scanning began a few hours after a publication by the Chinese company Qihoo 360, which reported a "series of huge vulnerabilities" in the EOS software that allow remote code execution on nodes and cause a number of undesirable consequences. However, the latest activity appears to be unrelated to that publication.

Instead, it is directly related to a report published a week ago on GitHub, which describes a problem in an endpoint of the EOS RPC API that leads to the disclosure of private keys of EOS accounts.

According to the report on GitHub, there is no authentication system protecting this API endpoint, and the information is exposed to the network through the public interface of the EOS node.

Evidently, whoever is behind the scanning has read the report on GitHub and is now trying to find nodes whose owners have not taken the necessary measures to secure them.

Nevertheless, the situation is not as critical as it may seem. As one EOS developer said, this API endpoint is not a standard element of the EOS API and is only included in the wallet_plugin file. This plugin is used for testing, so in practice only a very small number of nodes will be running it while connected directly to the Internet, and, as a rule, it is not started on working nodes.

In any case, all owners of EOS nodes who have not yet done so must disable the plug-in on their working nodes and use another method for handling private keys.

Earlier, EOS developers reported that they had fixed the vulnerability discovered by Qihoo 360, adding that it was not as serious as the Chinese company had described it.
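The advice above to disable the wallet plug-in on working nodes can be checked mechanically. The following is an added example, not code from the article or from the EOS project: it audits a nodeos-style `config.ini` and assumes the plug-in is loaded through `plugin = ...` lines under the names `eosio::wallet_plugin` or `eosio::wallet_api_plugin`, and that the HTTP listener is set with `http-server-address`; the sample configs are constructed.

```python
import ipaddress

# Assumed plug-in names; the article itself only refers to "wallet_plugin".
WALLET_PLUGINS = {"eosio::wallet_plugin", "eosio::wallet_api_plugin"}

# Constructed sample configs, not taken from real nodes.
EXPOSED = "http-server-address = 0.0.0.0:8888\nplugin = eosio::chain_api_plugin\nplugin = eosio::wallet_api_plugin\n"
LOCAL_TEST = "# dev box\nhttp-server-address = 127.0.0.1:8888\nplugin = eosio::wallet_api_plugin\n"
HARDENED = "http-server-address = 0.0.0.0:8888\nplugin = eosio::chain_api_plugin\n"

def parse_config(text):
    """Parse 'key = value' lines; keys such as 'plugin' may repeat."""
    options = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        options.setdefault(key, []).append(value)
    return options

def is_loopback(address):
    """True only if the listener host is a loopback address."""
    host = address.rsplit(":", 1)[0].strip("[]")
    if host == "localhost":
        return True
    try:
        return ipaddress.ip_address(host).is_loopback
    except ValueError:
        return False  # unknown hostname or empty host: treat as exposed

def audit(text):
    """Return (severity, message) findings for wallet plug-in exposure."""
    options = parse_config(text)
    loaded = sorted(WALLET_PLUGINS & set(options.get("plugin", [])))
    if not loaded:
        return []
    findings = [("warn", "wallet plugin loaded: " + ", ".join(loaded))]
    for addr in options.get("http-server-address", []):
        if not is_loopback(addr):
            findings.append(("critical", "wallet endpoints reachable via " + addr))
    return findings

if __name__ == "__main__":
    for name, cfg in (("exposed", EXPOSED), ("local", LOCAL_TEST), ("hardened", HARDENED)):
        print(name, audit(cfg))
```

A `warn` finding means the plug-in is loaded at all, which the article says should not happen on working nodes; `critical` means it is loaded while the HTTP API listens beyond loopback.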

EOS to Buy $30M Worth Domain For Its Social Network

Earlier, the CEO reported that his company will spend about $150M to develop Voice, and the "voice.com" purchase for $30M looks like one of the first steps
19 June 2019

The Block.One company, known for developing the EOS blockchain protocol, acquired a domain for its new social network Voice for $30 million. This is evidenced by documents published on the website of the US Securities and Exchange Commission (SEC).

The documents were provided by MicroStrategy, an analytical and mobile software provider. They show that the "voice.com" domain, registered in the GoDaddy domain name registry, was transferred to the EOS developer on May 30, 2019. Two days later, Block.One officially announced preparations for the launch of a social network.

Block.one has made a smart strategic decision in choosing Voice.com to be the internet domain name for its new social media platform. The word ‘voice’ is simple and universally understood. It’s also ubiquitous — as a search term, it returns billions of results on the internet. An ultra-premium domain name like Voice.com can help a company achieve instant brand recognition, ignite a business, and massively accelerate value creation.
 

Marge Breya 

Senior Executive Vice President and Chief Marketing Officer, MicroStrategy Incorporated. 

MicroStrategy's commercial model is based, among other things, on the accumulation and sale of such expensive domain names.

According to Block.One, the identification of users and the use of the EOS blockchain in the social network will help to avoid the massive influx of bots that often affects other players in this niche. Earlier, Block.One CEO Brendan Blumer reported that his company spent about $150 million to develop Voice.