Bitcoin Forum
June 21, 2024, 05:31:31 PM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Two EOS Gambling Platforms Fall Prey to $260,000 Hack  (Read 93 times)
oksgvardukraine2018 (OP)
Jr. Member
*
Offline Offline

Activity: 126
Merit: 5


View Profile
September 16, 2018, 12:55:38 PM
 #1

Two EOS Gambling Platforms Fall Prey to $260,000 Hack
Smart contracts on two EOS gambling platforms have been hacked in the last four days to the tune of more than a quarter of a million dollars, with another platform paying out $600,000 to one user in an unusual-looking jackpot which EOSBet insists was simply luck.

DEOSGames Hacked — $24,000 Stolen
The first and more minor hack occurred on Sept. 9 when a DEOSGames user named runningsnail went on what appeared to be quite the winning streak, with $1,000 payments made dozens of times. The user would deposit 10 EOS and then win the jackpot 30 seconds later, like clockwork, a suspiciously-automated process which can be seen here in the user’s eosflare account overview.

DEOSGames confirmed that its smart contract had been hacked, spinning the malicious exploit as “a good stress test” in a short statement released on social media.

EOSBet Hacked — $236,000 Stolen
EOS cryptocurrency

Yesterday, /u/EOSBetCasino released a statement on Reddit explaining the nature and scale of a smart contract hack resulting in a major loss of funds.

“Dear EOSBet Community,

On September 14th around 3:00AM UTC we experienced a hack and breach of our bankroll, resulting in a theft of 44,427.4302 EOS before our contracts were taken offline by the development team. The remaining 463,745 EOS in our EOSBETDICE11 and EOSBETCASINO contracts are safe, the vulnerability is patched, and we are back online. We want to be as transparent as possible in explaining this breach and addressing any concerns the community might have.”
https://www.ccn.com/two-eos-gambling-platforms-fall-prey-to-260000-hack/
butka
Full Member
***
Offline Offline

Activity: 434
Merit: 246


View Profile
September 16, 2018, 02:14:10 PM
 #2

This quote from the linked article is indicative of what happened:

Quote
The hacker exploited a flaw in the code that allowed them to bypass the esio.token ->transfer function, which meant that their funds were not deposited to the smart contract. Whenever they lost, they didn’t have to pay, but if they won they would win real funds which could then be cashed out, essentially allowing them to gamble in a consequence-free casino dishing out free money.

It seems like a badly written code. These smart contract codes have so many attack vectors that the coding has to be top notch or else you are giving away money.
xtraelv
Legendary
*
Offline Offline

Activity: 1288
Merit: 1924


฿ear ride on the rainbow slide


View Profile
September 20, 2018, 07:00:44 AM
 #3



EOSBet got hacked after mocking their competitor for getting hacked.

https://www.zdnet.com/article/blockchain-betting-app-mocks-competitor-for-getting-hacked-gets-hacked-four-days-later/

It pays not to be too cocky. If it runs software and is connected to the internet  - it can get hacked. The only thing you can do to prevent hacks is have good detection and make it uneconomic to hack. (Removing the incentives)

We are surrounded by legends on this forum. Phenomenal successes and catastrophic failures. Then there are the scams. This forum is a digital museum.  
* The most iconic historic bitcointalk threads.* Satoshi * Cypherpunks*MtGox*Bitcointalk hacks*pHiShInG* Silk Road*Pirateat40*Knightmb*Miner shams*Forum scandals*BBCode*
Troll spotting*Thank you to madnessteat for my custom avatar hat.
wartywarlock
Full Member
***
Offline Offline

Activity: 208
Merit: 100



View Profile
September 20, 2018, 03:18:50 PM
 #4

i lost lots of money in ethercrash and quit it immediately. gambling is like a black hole. don't use to please.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!