Hackers were able to steal nearly $58,000 worth of cryptocurrency from the Newdex exchange by exploiting a vulnerability in the exchange, according to TheNextWeb. The hackers flooded the Newdex exchange with fake EOS tokens they created themselves to buy ADD, BLACK and IQ tokens from the centralized platform.
Newdex acknowledged that an EOS account issued 1 billion phony EOS tokens. The EOS account, oo1122334455, placed purchase orders for ADD, BLACK and IQ. A total of 11,800 phony EOS orders were made. The hackers then exchanged the tokens for real EOS.
Newdex acknowledged the hackers nabbed 4,028 real EOS tokens, worth around $20,000, and sent them to Bitfinex, leaving Newdex users with cumulative losses around $58,000.
Newdex stopped the service at 15:52 on Sept. 18 after discovering an exception and activated an emergency response repair system, according to an observer on Reddit. The repair was completed at 16:33, and normal operation was resumed.
Newdex apologized for the loss, but has no plans to compensate people, according to the report.
Several days prior to the incident, the EOS community noted on Reddit that Newdex is not a genuine decentralized exchange (DEX) despite its “misleading marketing.” The PSA said not to trust Newdex since it does not use a smart contract and has not published the source code of its centralized matching server.
Instead, Newdex matches orders off-chain in a centralized server, according to the Reddit post. The post also presented a response form Newdex’s support stating it is “the first global decentralized exchange built on EOS,” and requires no deposit, no withdrawal, safe assets, and is open and transparent.
In addition, Scatter (an ecosystem for creating accountability and security in the blockchain space) is used as a login and trading interface so that Newdex would appear to be a genuine DEX, the Reddit post noted. The reality is that users were sending funds to regular EOS accounts that don’t have any kind of smart contract running on them.
According to Trybe, a tokenized knowledge and content sharing platform, Newdex has been plagued with trade issues, token issues, and extensive transfer times.
After allegedly encountering issues trading EOS on Newdex and communicating these issues to the exchange, Newdex responded that there are issues with the EOS network.
Trybe posted a note from Newdex claiming that there has been instability with the EOS mainnet causing unstable trades on all major exchanges, causing some exchanges such as Bithumb and Huobi Pro to withdraw service for EOS, ADD, and IQ.
Trybe noted, however, that it has not encountered issues trading EOS on other exchanges.
Images from Shutterstock
Last modified: September 20, 2018 12:07 UTC