Tencent warning: NEO cryptocurrency is vulnerable to remote theft

Posted: 4 December 2018 1:08 pm

There are some conflicting reports, but NEO prices don't seem to have discernibly responded to the news.

Tencent's ZhanluLab security outfit has discovered and reported a vulnerability in the NEO node software (NEO-CLI) that allows attackers to remotely steal tokens from user wallets.

"When a user starts the NEO network node with the default configuration and opens the wallet, the digital currency may be remotely stolen," it says.

Tencent's two cents

ZhanluLab advises NEO node operators to do the following:

1. Upgrade to the latest NEO-CLI client
2. Try not to use the RPC function and manually change the address of BindAddress to
3. If you have to use the remote RPC function, change the RPC port number, enable the https-based port of JSON-RPC and set up a firewall.
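The three pieces of advice reduce to one question about a running node: is the JSON-RPC listener reachable from other hosts while a wallet is open? The following audit script is an added example written for this page, not code from ZhanluLab or the NEO project. It assumes the NEO-CLI 2.x config.json layout (an `ApplicationConfiguration.RPC` object holding `BindAddress`, `Port`, `SslCert` and `SslCertPassword`), assumes 10332 is the default mainnet RPC port, and assumes that wallet-backed RPC methods such as `sendtoaddress` are what an attacker would call; the sample configs are constructed for illustration.

```python
"""Audit a NEO-CLI style config.json for the remote-theft exposure described above.

Added example, not code from the NEO project. Config layout, default port and RPC
method names are assumptions based on NEO-CLI 2.x, not facts taken from the article.
"""
import json

DEFAULT_RPC_PORT = 10332                      # assumed default mainnet JSON-RPC port
LOOPBACK = {"127.0.0.1", "::1", "localhost"}  # only local processes can reach these

# Constructed sample: RPC bound to every interface, default port, no TLS.
WEAK_CONFIG = json.loads("""
{"ApplicationConfiguration": {
   "P2P": {"Port": 10333, "WsPort": 10334},
   "RPC": {"BindAddress": "0.0.0.0", "Port": 10332,
           "SslCert": "", "SslCertPassword": ""}}}
""")

# Constructed sample: ZhanluLab's item 2, RPC reachable only from the local host.
HARDENED_CONFIG = json.loads("""
{"ApplicationConfiguration": {
   "P2P": {"Port": 10333, "WsPort": 10334},
   "RPC": {"BindAddress": "127.0.0.1", "Port": 10332,
           "SslCert": "", "SslCertPassword": ""}}}
""")

# Constructed sample: ZhanluLab's item 3, remote RPC on a non-default port with TLS.
REMOTE_CONFIG = json.loads("""
{"ApplicationConfiguration": {
   "P2P": {"Port": 10333, "WsPort": 10334},
   "RPC": {"BindAddress": "10.0.0.5", "Port": 20332,
           "SslCert": "rpc.pfx", "SslCertPassword": "hypothetical"}}}
""")


def audit(config, rpc_enabled, wallet_open):
    """Return a list of (severity, message) findings for a node run with `config`.

    rpc_enabled: True if the node was started with the RPC service switched on
                 (the article says this needs an extra command-line option).
    wallet_open: True if a wallet has been opened on the node.
    """
    if not rpc_enabled:
        return []  # nothing is listening, so there is nothing to reach remotely

    rpc = config.get("ApplicationConfiguration", {}).get("RPC", {})
    bind = str(rpc.get("BindAddress", "127.0.0.1"))
    port = int(rpc.get("Port", DEFAULT_RPC_PORT))
    tls = bool(rpc.get("SslCert"))

    findings = []
    if bind in LOOPBACK:
        return findings  # remote hosts cannot connect; remaining checks do not apply

    findings.append(("high", f"RPC bound to {bind}: reachable from other hosts; "
                             "restrict source addresses with a firewall"))
    if port == DEFAULT_RPC_PORT:
        findings.append(("medium", f"RPC on default port {port}: trivially found by "
                                   "port scanners; move it"))
    if not tls:
        findings.append(("medium", "RPC served over plain HTTP (no SslCert): "
                                   "requests and responses are readable on the wire"))
    if wallet_open:
        findings.append(("critical", "wallet is open behind a remotely reachable RPC "
                                     "endpoint: wallet-backed methods (e.g. "
                                     "sendtoaddress, assumed from the NEO 2.x RPC API) "
                                     "can be called by anyone who reaches the port"))
    return findings


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG),
                      ("remote+tls", REMOTE_CONFIG)):
        print(f"--- {name}, RPC on, wallet open ---")
        for severity, message in audit(cfg, rpc_enabled=True, wallet_open=True) or \
                [("ok", "no remote exposure found")]:
            print(f"[{severity}] {message}")
```

The script mirrors the two claims in the article: with the RPC service off, or bound to loopback, there is no remote path at all (Zhang's position), while a node started with RPC on, a non-loopback bind address and an open wallet is flagged critical (ZhanluLab's scenario). Note that even the TLS-and-odd-port configuration still earns a critical finding when a wallet is open, because the port change and TLS hide and encrypt the endpoint but do not authenticate callers; only the firewall in item 3 limits who can reach it.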


NEO co-founder Erik Zhang didn't deny that there was a potential avenue for remote token theft, but suggested that the circumstances needed to steal the tokens made it unlikely that regular users would be affected.

Zhang stated that RPC can only be called by NEO-CLI, which casual users generally won't touch, and that NEO-CLI doesn't activate RPC by default. Rather, one would have to deliberately switch it on by adding an extra command-line option. The BindAddress, meanwhile, is set to by default, and would have to be changed manually to open the vulnerability.

"All in all, normal users of the NEO blockchain will not suffer the possibilities of a token theft operated from afar," Zhang stated.

Question marks

The two statements seem to conflict, with Tencent saying the vulnerability would be open if a user starts a node with the default configurations. However, Zhang says the default settings won't leave one vulnerable.

Still, even if the settings do have to be changed, it would mean there is a feasible avenue for remote token theft.

The news doesn't seem to have had too much of an impact on NEO prices. It's dropped, but its prices are still just tracking bitcoin as usual.

One of the following charts shows NEO prices over the last 24 hours, and the other shows bitcoin. It probably doesn't really matter which is which, but it could make for a neat guessing game.

Disclaimer: This information should not be interpreted as an endorsement of cryptocurrency or any specific provider, service or offering. It is not a recommendation to trade. Cryptocurrencies are speculative, complex and involve significant risks – they are highly volatile and sensitive to secondary activity. Performance is unpredictable and past performance is no guarantee of future performance. Consider your own circumstances, and obtain your own advice, before relying on this information. You should also verify the nature of any product or service (including its legal status and relevant regulatory requirements) and consult the relevant Regulators' websites before making any decision. Finder, or the author, may have holdings in the cryptocurrencies discussed.
