Cryptocurrency can also be counterfeit. Using fake EOS tokens and critical vulnerability, scammers stole $58,000 from the decentralized trading platform.

The critical vulnerability of a small trading platform allowed cybercriminals to sell 1 billion fake EOS tokens on it. Platform users lost $58,000, receiving a useless set of codes instead of real EOS.

The decentralized exchange Newdex lost $58,000 of users' funds. Scammers created an EOS-account and, using the EOS blockchain, released their own tokens, giving them the same name - EOS. After that, they transferred new tokens to the Newdex trading platform and exchanged them for BLACK, IQ, and ADD. These tokens were subsequently exchanged for real EOS tokens and partially withdrawn from Newdex.

“EOS account oo1122334455 issued 1,000,000,000 fake EOS tokens,” Newdex wrote in a statement. “After testing the feasibility of the attack, the account began to place large [buy orders]. A total of 11,800 fake EOS orders were issued to purchase BLACK, IQ [sic] and ADD.”

Attackers managed to withdraw 4 028 real EOS worth approximately $20 000 and transfer them to BitFinex crypto exchange, where, most likely, the scammers plan to exchange them for bitcoins or any anonymous cryptocurrency, and then move their funds to fiat.

Although the attack happened due to the fault of the trading platform, Newdex did not announce any intentions to reimburse losses suffered by its users who bought fake EOS tokens.

The main reason that such an attack became possible is that Newdex did not use smart contracts and did not check the authenticity of the new token.

It is also worth noting that the EOS blockchain allows everyone to launch tokens and give them any name its founders want, including the names of already popular cryptocurrencies.