Huobi Pro came down on ERC20 tokens due to a new bug, batchOverflow. These tokens make up for nearly 90% of all the coins out there on the market, making the bug a threat on a global scale.
Shortly after, Huobi Pro issued their notice, saying “Announcement on the recovery of deposit and withdrawal of non-ERC20 tokens. Dear Users, Huobi Pro now has recovered the deposit and withdrawal of non-ERC20 tokens. The recovery time of ERC20 tokens will be announced via another announcement. We apologize for any inconvenience caused during this period. Huobi Pro”
They further continued with the following announcement too “Dear users, SmartMesh(SMT) claims that their smart contract has been attacked and there is a vulnerability in their contract code that has been exploited. At the same time, Huobi Pro also discovered there is an abnormal transaction in https://etherscan.io/tx/0x0775e55c402281e8ff24cf37d6f2079bf2a768cf7254593287b5f8a0f621fb83. Our system detected all abnormal deposits and didn’t credit them.
We have already suspended deposits and withdrawals of all coins. Once we have rectified this issue, we will resume all deposits and withdrawals. The safety of our users’ wallets are our top priority. We apologize for any inconvenience caused during this period. “
It took exchanges nearly a day to react to the problem. In the early afternoon, PeckShield detected an unusual MESH token transaction. In this instance, someone transferred a large amount of MESH token to themselves, accompanied by a huge fee.
Another case occurred with the SMT token in the evening, displaying the same attack pattern. Looking into the corresponding smart contract, PeckShield discovered that the proxyTransfer()function has a classic integer overflow problem.
These are the ERC20 tokens affected so far, according to reports: MESH, UGToken, SMT, SMART, MTC, FirstCoin, GG Token, CNY Token, and CNYTokenPlus. In the meantime, we advise readers to be careful and always perform a thorough and comprehensive audit of smart contracts before deployment.
It’s #Huobi Talk time again! This time round we are featuring RuffChain – #Blockchain OS for IOT! Attractive airdrops! Subscribe to Huobi Pro YouTube channel & tune in to our Youtube Live stream – ??https://t.co/xoEcwfW3mh ??on 03May, Thursday, 12pm(GMT+8). ??@Ruff_Chain pic.twitter.com/gYnvCbob4Y
— Huobi Pro (@Huobi_Pro) May 1, 2018