The popular cnLedger twitter account, which usually promotes Chinese blockchain related news, has just recently shared message from the Weibo channel of 360. 360 is a famous internet security giant from China, they are responsible for various products like antivirus software, web browser, mobile app store and they also account for 1 blb users world wide.

The message on Weibo, which is basically the Chinese version of Twitter, has been translated via google translate and can be found here. To sum up the vulnerability allows the attacker to construct and publish malicious code into smart contracts, which will be executed by the EOS super nodes and will trigger security holes. This in turn will allow the attacker to take control of all nodes via the blocks being launched from the super nodes. This allows the attacker to turn the whole network into a botnet.

The Chinese security company has alerted the founders of EOS before publicly displaying the vulnerability. Seems like this will cause a delay in the main net launch and will crush the hopes of most people who expected EOS to overtake ETH in the near future. Additionally the price of EOS just took a dive after the recent events:

For the full Tweet chain please see below:

1/ Chinese Internet security giant 360 has found "a series of epic vulnerabilities" in the #EOS platform. Some of the bugs allow arbitrary code to be executed remotely on EOS nodes and even taking full control of the nodes. Source (in Chinese): https://t.co/pt6nj6EodP — cnLedger (@cnLedger) May 29, 2018

3/ 360: attacker can deploy smart contracts w/ malicious code to EOS super node, which will execute the contract and trigger a security bug. Once the contract is included in a new block, all full nodes including backup nodes, exchges, wallet nodes, are all susceptible to attack. — cnLedger (@cnLedger) May 29, 2018