New proxyOverflow Bug in Multiple ERC20 Smart Contracts (CVE-2018-10376)

On 4/24/2018, 01:17:50 p.m. UTC, PeckShield again detected an unusual MESH token transaction (shown in Figure 1). In this particular transaction, someone transferred a large amount of MESH token — 0x8fff,ffff,ffff,ffff,ffff,ffff,ffff,ffff,ffff,ffff,ffff,ffff,ffff,ffff,ffff,ffff (63 f’s) to herself along with a huge amount fee —0x7000,0000,0000,0000,0000,0000,0000,0000,0000,0000,0000,0000,0000,0000,0000,0001to the address issuing this transaction.

                                            Figure 1: A Suspicious MESH Token Transfer (with huge amount)

There’s another case happened to the SMT token at 07:16:19 p.m. UTC with the same attack pattern.

Figure 2: A Suspicious SMT Token Transfer (with huge amount)

As we look into the corresponding smart contract, we find out that the proxyTransfer()function has a classic integer overflow problem.

Figure 3: A proxyOverflow-affected Smart Contract

As shown in Figure 3, both _fee and _value are input parameters which could be controlled by the attacher. If _fee + _value happens to be 0 (the overflow case), the sanity checks in line 206 could be passed. It means the attacker could transfer huge amount of tokens to an address (line 214) with zero balance. Also, a huge amount fee would be transferred to themsg.sender in line 217.

From our system-wide scanning, we have located quite a few ERC20 tokens affected, including

With the touted “code-is-law” principle in Ethereum blockchain, there is no traditional well-known security response mechanism in place to remedy these vulnerable contracts! A proper way to recover from these vulnerabilities and devastating effects requires coordination and support from all eco-system members, especially digital asset exchanges.
In the meantime, we cannot over-emphasize the importance of performing a thorough and comprehensive audit of smart contracts before deployment.

Fortunately, we’re happy to know that effectively at 04/25/2018 15:30 p.m. GMT+8, OKEx has ERC-20 tokens deposit suspended. (Here is the announcement:https://support.okex.com/hc/en-us/articles/360003019292 ). Similarly, Huobi Pro also suspends deposits and withdrawals of all coins ( http://space.bitleek.com/topic/2132/huobi-pro-suspends-deposits-and-withdrawals-of-all-coins). Meanwhile, we want to point out that certain affected tokens are still tradable on some exchanges (e.g., gate.io, HitBTC, YoBit, and CoinExchange). Note that the presence of non-centralized exchanges with offline trading services could pose additional challenges as they might not be able to stop attackers from laundering their tokens.