2018-04-25
OKEx and Poloniex suspended all ERC-20 token deposits and withdrawals to review all smart contracts for exposure to the new smart-contract bug BatchOverflow. While Poloniex has already re-enabled deposits and withdrawals, OKEx's deposits are still suspended.
BatchOverflow is a classic integer overflow bug. By exploiting it, an attacker can generate an extremely large amount of tokens and deposit them into an ordinary address, which leaves many ERC-20 tokens exposed to price manipulation by the attacker.
The new proxyOverflow bug was first detected by PeckShield on 2018-04-22. While scanning and analyzing Ethereum-based (ERC-20) token transfers, work that built on their earlier analysis of EOS tokens, PeckShield's system raised an alarm on an unusual BEC token transaction (Figure 1).
Figure 1: Huge amount of BEC Token Transfer
Study of the contract code revealed that the transfer came from an in-the-wild attack exploiting a previously unknown vulnerability in the contract.
The vulnerable function is located in batchTransfer and the code is shown in Figure 2. As indicated in line 257, the amount local variable is calculated as the product of cnt and _value. The second parameter, i.e., _value, can be an arbitrary 256-bit integer, say 0x8000,0000,0000,0000,0000,0000,0000,0000,0000,0000,0000,0000,0000,0000,0000,0000 (63 0's). By having two _receivers passed into batchTransfer(), with that extremely large _value, we can overflow amount and make it zero. With amount zeroed, an attacker can then pass the sanity checks in lines 258–259 and make the subtraction in line 261 irrelevant. Finally, here comes the interesting part: as shown in lines 262–265, the balance of the two receivers would be added by the extremely large _value without costing a dime in the attacker's pocket!
PeckShield (https://peckshield.com/2018/04/22/batchOverflow/)
Figure 2: The Vulnerable Function: batchTransfer()
Further analysis showed that more than a dozen ERC20 contracts are vulnerable to this bug. To demonstrate, they successfully transacted with one vulnerable contract (not tradable on any exchange) as a proof-of-concept exploit (Figure 3).
Figure 3: Proof-of-Concept Exploit
On 2018-04-24 they detected more suspicious token transactions (Figures 4 and 5).
Figure 4: Unusual MESH token transaction
Figure 5: Unusual SMT token transaction
Figure 6: proxyTransfer() function classic integer overflow problem
As shown in Figure 6, both _fee and _value are input parameters which could be controlled by the attacker. If _fee + _value happens to be 0 (the overflow case), the sanity check in line 206 could be passed. It means the attacker could transfer a huge amount of tokens to an address (line 214) with zero balance. Also, a huge fee would be transferred to the msg.sender in line 217.
PeckShield (https://peckshield.com/2018/04/25/proxyOverflow/)
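The following Python model is an added example, not PeckShield's code or any token's contract: it reproduces the uint256 wrap-around behind both the batchTransfer() and proxyTransfer() descriptions above and shows how SafeMath-style checked multiplication and addition reject the same inputs before any balance changes. The balance-dictionary layout, the `checked` switch and the `msg_sender` name are assumptions of this model; the line numbers in comments refer to the page's figures.

```python
# Added example, not PeckShield's code or any token's contract: a model of uint256
# arithmetic showing why the sanity checks in batchTransfer() and proxyTransfer()
# pass when a product or sum wraps to zero, and how checked arithmetic rejects them.

MASK = (1 << 256) - 1  # uint256 wraps modulo 2**256 in pre-0.8 Solidity

def evm_mul(a, b):  # unchecked multiply: wraps silently, as in the vulnerable code
    return (a * b) & MASK

def evm_add(a, b):  # unchecked add: wraps silently
    return (a + b) & MASK

def safe_mul(a, b):  # SafeMath.mul: compute the wrapped product, then require c / a == b
    if a == 0:
        return 0
    c = evm_mul(a, b)
    if c // a != b:
        raise OverflowError("uint256 multiplication overflow")
    return c

def safe_add(a, b):  # SafeMath.add: the wrapped sum must not be smaller than an operand
    c = evm_add(a, b)
    if c < a:
        raise OverflowError("uint256 addition overflow")
    return c

def batch_transfer(balances, sender, receivers, value, checked):
    """Model of batchTransfer(): amount = cnt * _value, then the sanity checks."""
    mul, add = (safe_mul, safe_add) if checked else (evm_mul, evm_add)
    cnt = len(receivers)
    amount = mul(cnt, value)                                # line 257
    if not 0 < cnt <= 20:
        raise ValueError("bad receiver count")              # line 258
    if not (value > 0 and balances.get(sender, 0) >= amount):
        raise ValueError("insufficient balance")            # line 259
    balances[sender] = balances.get(sender, 0) - amount     # line 261
    for r in receivers:                                     # lines 262-265
        balances[r] = add(balances.get(r, 0), value)
    return balances

def proxy_transfer(balances, sender, to, value, fee, msg_sender, checked):
    """Model of proxyTransfer(): the balance check is against _fee + _value."""
    add = safe_add if checked else evm_add
    total = add(fee, value)
    if balances.get(sender, 0) < total:                     # line 206
        raise ValueError("insufficient balance")
    balances[sender] = balances.get(sender, 0) - total
    balances[to] = add(balances.get(to, 0), value)          # line 214
    balances[msg_sender] = add(balances.get(msg_sender, 0), fee)  # line 217
    return balances
```

With `checked=False` the model credits 2**255 tokens per receiver from a zero-balance sender; with `checked=True` the same call raises OverflowError at the multiplication, which is the behaviour a SafeMath-protected contract would show.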
Affected ERC20 tokens list: