Analysis: Nuls hacked due to transaction signature verification vulnerability, 2 million tokens stolen from team account

On the 20th of this month, the well-known public chain Nuls suffered a hacker attack, and the team account 2 million tokens were stolen. The analysis of the SlowMist security team found that the reason for this attack was a vulnerability in Nuls' transaction signature verification algorithm. The hacker bypassed the signature verification with a carefully constructed transaction, transferred the tokens of the team account, and then some tokens were thrown to the market. At present, major exchanges have suspended Nuls deposits and withdrawals. After the attack, the official emergency investigation of the problem, problem repair and code testing, and then released a new version of the program, and is scheduled to a high degree of 878,000 (about noon on December 25th Beijing time) for a hard fork, freezing other tokens that did not enter the market. Slow fog reminds the relevant operators of Nuls nodes to upgrade the nodes in time to avoid further expansion of attack incidents.