A critical vulnerability in an Ethereum token made it possible for malicious actors to force cryptocurrency exchange desks to spend extremely high fees on transactions. Even worse, the attackers could abuse the bug for profit. The flaw, discovered by a group of cryptocurrency researchers, resides in Ethereum-based cryptocurrency GasToken. It remains unclear precisely how many exchanges are potentially vulnerable to it, but the researchers have contacted a bulk of possibly affected platforms. The bug primarily concerns exchange services with no gas usage limit for withdrawals to random addresses. Once such a transaction has been initiated, the attackers could make exchanges…

This story continues at The Next Web