New batchOverflow Bug in Multiple ERC20 Smart Contracts (CVE-2018–10299)

Built on our earlier efforts in analyzing EOS tokens, we have developed an automated system to scan and analyze Ethereum-based ERC-20 token transfers. Specifically, our system will automatically send out alerts if any suspicious transactions e.g., involving unreasonably large tokens occur. In...

Integer overflow

An integer overflow in the batchTransfer function of a smart contract implementation for Beauty Ecosystem Coin BEC, the Ethereum ERC20 token used in the Beauty Chain economic system, allows attackers to accomplish an unauthorized increase of digital assets by providing two receivers arguments in...

CVE-2018-10299

An integer overflow in the batchTransfer function of a smart contract implementation for Beauty Ecosystem Coin BEC, the Ethereum ERC20 token used in the Beauty Chain economic system, allows attackers to accomplish an unauthorized increase of digital assets by providing two receivers arguments in...

CVE-2018-10299

Beauty Ecosystem Coin (BEC) smart-contract vulnerability: batchTransfer suffers an integer overflow when calculating the amount as the product of cnt and _value, enabling an attacker to inflate balances for two _receivers with a large _value. The issue is documented as batchOverflow and was obser...