Slow fog sets the white list of the normal contract account of the exchange to prevent the exchange CPU from being maliciously mined.

Yesterday evening, the slow fog warning Big Game's new pay-as-you-go CPU function suffered from smashing wool, and was maliciously exploited to dig EIDOS. This morning, slow fog released a red warning again, and the attackers began to use the exchange/DApp's coin-raising function to maliciously mine. When the exchange goes to the attacker's mining contract address to raise coins, it will trigger the mining logic, which causes the CPU of the exchange's coin wallet to be exploited by the attacker until the CPU resources are exhausted, affecting the other normal users' money. operating.
In the early warning, the slow fog suggests that the exchange/DApp checks whether the user's coin address is a contract account when processing the Token of EOS and EOS. Since some EOS coin-operated wallets are also contract accounts (such as huobideposit, binancecleos), it is necessary to maintain a white list of normal contract accounts. At present, the slow fog AML team has collected some of these accounts and open queries through the API. :https://aml.slowmist.com/api/eos_exchange_contract_addr
If the EOS coin wallet of the other exchange/DApp is also a contract account but not on this whitelist, please send the address to the slow fog security team email team@slowmist.com and we will update it immediately.