Hacker Exploits Ethereum Gambling App EOSBet for $200,000

This story was published more than 1 year ago.

This week gambling group EOSBet had their Ethereum "DApp" hacked for 40,000 EOS cryptocoins ($200,000 USD) when hackers exploiting vulnerabilities in the app's smart contracts.

The hack comes as an embarrassment for the group, as they recently declared the app to be the safest and most secure around. The hackers reportedly found a glitch in the code, and used a transfer function to use a fake hash, which then tricked the EOSBet app into sending large amounts of the coin to various accounts.

In a statement to players an EOS representative wrote: "A few hours ago, we were attacked, and about 40,000 EOS was taken from our bankroll. This bug was not minor as was stated previously, and we are still doing forensics and piecing together what happened."

"[EOSBet] should be back online relatively quickly. We have narrowed down the bug to a faulty assertion statement in our code. After talking with other developers and BPs, it seems like other games were also attacked using this same exact code (abi forwarder.)"

Earlier in the week a punter reportedly won $600,000 on the site, although EOSBet claims that the win was legitimate and not part of the hacks that occurred with this incident.

Players should be wary of playing at EOSBet at this time, especially in light of the attack. It should be noted that we haven't had a chance to review the casino and are withholding judgment on whether or not they're legitimate until we've had the opportunity to conduct a thorough review.

About the author

Dustin Jermalowicz // News Editor
Dustin Jermalowicz
Dustin has a long-standing passion for gambling. He has been writing professionally on the subject and breaking industry news for Casino Listings since 2011. His favorite casino games include Blackjack, Poker, and Hi/Lo. A proud native of Detroit, Dustin currently lives in Michigan.
5 replies • Last post

Comments

krcoolsongss
High RollerHigh Roller
coolsongss's picture
Joined: 2 Dec 2014
Posts: 2662
Thanks given: 1934
Thanks received: 1311
15 September 2018 - 4:29pm
#1

After reading this news, I decided not to play EOSBet whatsoever.
The players should be panic because it was closed down suddenly.

It would take long time for them to get players back.

sharpe

caWaroftheGods
Slots FanSlots Fan
WaroftheGods's picture
Location: Calgary
Joined: 27 Sep 2017
Posts: 1070
Thanks given: 454
Thanks received: 1062
16 September 2018 - 1:18am
#2

The first mistake they made was announcing to public how safe and secure their app was. If I was a hacker, right there, I'd be thinking , challenge accepted.

Sony Playstation and the PlayStation Network did the same thing a number of years ago. They got hacked and were down for a few days.
When they came back more secure and safe, they announced to the media, the fans, the world, that they have the new security and its unhackable. Hack proof, heard around the planet by hackers everywhere.
Three days later they got hacked and were down for almost a month lmao. This whole story is by memory alone so dont hate on me if details are wrong, the story is true lol

sharpe

auCL-Ed
StaffStaff
CL-Ed's picture
Location: Sydney
Joined: 7 Sep 2007
Posts: 9289
Thanks given: 5227
Thanks received: 4673
16 September 2018 - 11:56pm
#3

This is about example number 53 that I have seen of why the Ethereum network's implementation of "smart" contracts are a dumb idea. There is too much scope for programming errors that lead to disasters like this. And yeah, agreed, announcing to the world that you can't be hacked is just a red rag to a bull.

sharpe

Always play it safe! Consult our list of rogue casinos and warnings before depositing at a new casino.
Post in our forums to earn CLchips which can be used to buy real prizes in our CLchips shop.

usbarbadosslim93
Forum AngelForum Angel
barbadosslim93's picture
Location: Michigan
Joined: 28 Jan 2011
Posts: 11881
Thanks given: 702
Thanks received: 1645
17 September 2018 - 3:47pm
#4

Yeah, I think telling someone you're unhackable is about the stupidest thing you can do. Why go boasting when being low-key would be the more secure way to conduct business?

sharpe

bgsharpe
Forum AngelForum Angel
sharpe's picture
Location: Sofia, Bulgaria
Joined: 4 Nov 2014
Posts: 7333
Thanks given: 3957
Thanks received: 1079
20 September 2018 - 5:12pm
#5

A bit in irony in that, don't you think1?!

I'm agree with all of you guys, it was a statement which should never to be made.