On April 22 and April 24 several cryptocurrency exchanges were forced to pause trading as over a dozen ethereum-based ERC-20 smart contracts were found to have a integer overflow issue.
The severity of this bug was high as it allowed malicious actors to create an extraordinarily large number of tokens and deposit them their own address.
In quick response to this vulnerability, on April 25, Huobi Pro announced that they would be halting withdrawals and deposits of all coins as a batchOverflow bug was found in the smart contract of a project called SmartMesh(SMT).
Huobi’s First Announcement: https://www.huobi.pro/zh-cn/notice_detail/?id=1383
Huobi later announced that the suspension would only be applicable to ERC-20 tokens as the bug was found to only affect ERC-20 smart contracts. Withdrawals and deposits of non ERC-20 tokens were shortly resumed.
Huobi’s Second announcement: https://www.huobi.pro/notice_detail/?id=1392
Huobi Pro’s prompt action was well received by its users as they were reassured that the safety and security of their assets was Huobi’s top priority.
Other exchanges such as OKEX responded to the issue by suspending deposits of all ERC-20 tokens. Meanwhile Poloniex announced that via their official twitter channel that they would be suspending transactions.
Detailed technical information regarding the issue can be found here: https://medium.com/@ranimes/alert-new-batchoverflow-bug-in-multiple-erc20-smart-contracts-cve-2018-10299-511067db6536
Huobi Pro users, however, needn’t fret as their funds are in safe because of the timely actions taken by the exchange. Security continues to remain a top concern for Huobi and the team continues to remain vigilant when it comes to malicious attacks.