ERC20 Fake Deposit Vulnerability Countered by Bitforex Maintenance and MFG Smart Contract Upgrade SyncFab Follow Aug 27, 2018 · 2 min read

BitForex identified a fake deposit vulnerability affecting the Ethereum network shortly after listing the MFG token. As a result of this industry-wide issue potentially impacting over 3,600 Ethereum ERC20 based tokens and the centralized exchange settlement system configurations where they trade, BitForex temporarily suspended trading, including deposits and withdrawals of MFG. BitForex patched the settlement vulnerability from their side and the MFG smart contract was upgraded to become compatible with these changes. Prior to the BitForex listing, the MFG ERC20 smart contract had already been audited with no security flaws identified including none related to the previous “Batch Overflow Bug” vulnerability. The recently discovered “Fake Deposit” Vulnerability was identified less than a month ago as an industry-wide vulnerability with Ethereum ERC20 based tokens affecting over 3,600 tokens and the centralized exchange order settlement system configurations where they trade, and other exchanges and token issuers should do the same to protect their token holders. BitForex and MFG are now positioned ahead of the industry accordingly.

For more information about this under-addressed issue in the Ethereum community, please reference the following article: https://news.8btc.com/slowmist-3619-eth-based-tokens-are-affected-by-fake-deposit-vulnerability

BitForex has announced that they have resumed trading, deposits and withdrawals for the majority of accounts.

Confirmed fake deposit users or users suspected of taking advantage of the fake deposit vulnerability with the Ethereum network have had their accounts flagged by BitForex and will remain locked by BitForex until they conclude their investigation. This being a BitForex customer support issue resting solely within the BitForex user account, trade settlement system and associated BitForex terms of service — affected users should direct their inquiries and cooperate with BitForex support to facilitate investigation resolution with BitForex to have your account unlocked for those whose accounts have been improperly identified as fraudulent in activity. Neither Smart MFG Tech LTD Nor SyncFab Co. Blockchain DApp have any influence or control over BitForex user accounts and are unable to lock or unlock any user accounts. As such, those affected are reminded to kindly cooperate with BitForex support directly in order to achieve the speediest resolution for your account’s status.