UselessEthereumToken(UET), ERC20 token, allows attackers to steal all victim’s balances (CVE-2018–10468)
Abstract
I found a vulnerability of a smart contract for UselessEthereumToken(UET), an Ethereum ERC20 token (CVE-2018–10468)[1]. Attackers can steal all victim’s balances into their accounts because there is a wrong if statement in transferFrom function.
Details
In ERC20 Token standard, it defines transferFrom function as follows [2]:
Transfers
_valueamount of tokens from address_fromto address_to, and MUST fire theTransferevent.
It transfers balances of address_from to address _to at most _allowed[_from][msg.sender]. It is orginal functionality of transferFrom function.
However, as you can see in Figure 1, transferFrom in UET smart contract is weired [3]. By the above code, a user can transfer balances more than address _from has, if balances[to] + _value is overflowed. It should be fixed as follows:
bool sufficientFunds = fromBalance >= _value;
bool sufficientAllowance = allowance >= _value;
bool overflowed = balances[_to] + _value > balances[_to];if (sufficientFunds && sufficientAllowance && overflowed) {
Directions of two inequalities should be changed and ‘!’ in front of ‘overflowed’ variable in the if condition should be removed.
what can attackers do?
Attackers can steal balances of target addresses into his address. They just select _value that is a big enough to set overflowed variable as false, and select _to as his address. If attackers send a transaction with those arguments, the condition of if statement, at line 60, will be passed and then balances will be manipulated.
Exploits
It seems that it has already exploited several times by someone. I found two exploit transactions that had tried to transfer a huge number of tokens [4][5].
UET token is scam?
After I found this vulnerability, I visited the official homepage of Useless Ethereum Token [6]. In the page, they said that “Seriously, don’t buy these tokens”
If you visit the offical page and read all text in that page, you can realize that it is scam. However, the developer said honestly that don’t buy it because this token does not have any value. Nevertheless, many people bought UET token and it collected about 310.445 Ether(about $226,274 in these days) during in crowdsale. Moreover, it is available at HitBTC exchange [7] (now, deposit/withdraw is not available).
Reports
I reported it to the developer of UET token, ethereum.org and got CVE id. Around the same time, Peckshiled team reported it and got same CVE id with me. They already published an article before me [8]. CVE team confirmed that I reported first and then Peckshied sent a request 30 hours later. So CVE team gave a same CVE id to me and Peckshiled, but Peckshiled published their article before me.
Conclusion
Developers always should pay attention to the direction of the inequality. Sometimes it causes serious security vulnerabilites in smart contracts as well as in many other softwares. However, in this case, I strongly suspect that it is an intentional bug. Therefore, people should be carefule when they purchage crypto token.
References
- [1] CVE-2018–10468: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10468
- [2] tranferFrom in ERC20 Token Standard: https://github.com/ethereum/EIPs/blob/master/EIPS/eip-20.md#transferfrom
- [3] Code of UET smart contract: https://etherscan.io/address/0x27f706edde3aD952EF647Dd67E24e38CD0803DD6#code
- [4] an exploit transaction at 04/20/2018 : https://etherscan.io/tx/0x122ee230d86cea0d1c1df42599e722a849067598777a0f43ccf83b12d0dfd485
- [5] an exploit transaction at 04/27/2018: https://etherscan.io/tx/0x50a100eaf74469520177db55ea28f6046492034fdf5f5d264768d87c60ec3f3b
- [6] Official page of Useless Ethereum Token: https://uetoken.com
- [7] UET in HitBTC: https://hitbtc.com/UET-to-ETH
- [8] Peckshiled’s post: https://medium.com/@peckshield/your-tokens-are-mine-a-suspicious-scam-token-in-a-top-exchange-5e864075f7e9
