This week gambling group EOSBet had their Ethereum "DApp" hacked for 40,000 EOS cryptocoins ($200,000 USD) when hackers exploiting vulnerabilities in the app's smart contracts.
The hack comes as an embarrassment for the group, as they recently declared the app to be the safest and most secure around. The hackers reportedly found a glitch in the code, and used a transfer function to use a fake hash, which then tricked the EOSBet app into sending large amounts of the coin to various accounts.
In a statement to players an EOS representative wrote: "A few hours ago, we were attacked, and about 40,000 EOS was taken from our bankroll. This bug was not minor as was stated previously, and we are still doing forensics and piecing together what happened."
"[EOSBet] should be back online relatively quickly. We have narrowed down the bug to a faulty assertion statement in our code. After talking with other developers and BPs, it seems like other games were also attacked using this same exact code (abi forwarder.)"
Earlier in the week a punter reportedly won $600,000 on the site, although EOSBet claims that the win was legitimate and not part of the hacks that occurred with this incident.
Players should be wary of playing at EOSBet at this time, especially in light of the attack. It should be noted that we haven't had a chance to review the casino and are withholding judgment on whether or not they're legitimate until we've had the opportunity to conduct a thorough review.
Comments
After reading this news, I decided not to play EOSBet whatsoever.
The players should be panic because it was closed down suddenly.
It would take long time for them to get players back.
sharpe
The first mistake they made was announcing to public how safe and secure their app was. If I was a hacker, right there, I'd be thinking , challenge accepted.
Sony Playstation and the PlayStation Network did the same thing a number of years ago. They got hacked and were down for a few days.
When they came back more secure and safe, they announced to the media, the fans, the world, that they have the new security and its unhackable. Hack proof, heard around the planet by hackers everywhere.
Three days later they got hacked and were down for almost a month lmao. This whole story is by memory alone so dont hate on me if details are wrong, the story is true lol
sharpe
This is about example number 53 that I have seen of why the Ethereum network's implementation of "smart" contracts are a dumb idea. There is too much scope for programming errors that lead to disasters like this. And yeah, agreed, announcing to the world that you can't be hacked is just a red rag to a bull.
sharpe
Always play it safe! Consult our list of rogue casinos and warnings before depositing at a new casino.
Post in our forums to earn CLchips which can be used to buy real prizes in our CLchips shop.
Yeah, I think telling someone you're unhackable is about the stupidest thing you can do. Why go boasting when being low-key would be the more secure way to conduct business?
sharpe
A bit in irony in that, don't you think1?!
I'm agree with all of you guys, it was a statement which should never to be made.