Hacker Exploits Ethereum Gambling App EOSBet for $200,000

This week gambling group EOSBet had their Ethereum "DApp" hacked for 40,000 EOS cryptocoins ($200,000 USD) when hackers exploiting vulnerabilities in the app's smart contracts.

The hack comes as an embarrassment for the group, as they recently declared the app to be the safest and most secure around. The hackers reportedly found a glitch in the code, and used a transfer function to use a fake hash, which then tricked the EOSBet app into sending large amounts of the coin to various accounts.

In a statement to players an EOS representative wrote: "A few hours ago, we were attacked, and about 40,000 EOS was taken from our bankroll. This bug was not minor as was stated previously, and we are still doing forensics and piecing together what happened."

"[EOSBet] should be back online relatively quickly. We have narrowed down the bug to a faulty assertion statement in our code. After talking with other developers and BPs, it seems like other games were also attacked using this same exact code (abi forwarder.)"

Earlier in the week a punter reportedly won $600,000 on the site, although EOSBet claims that the win was legitimate and not part of the hacks that occurred with this incident.

Players should be wary of playing at EOSBet at this time, especially in light of the attack. It should be noted that we haven't had a chance to review the casino and are withholding judgment on whether or not they're legitimate until we've had the opportunity to conduct a thorough review.

About the author

5 replies • Last post

Comments

krcoolsongss
Jackpot ChaserJackpot Chaser
coolsongss's picture
Joined: 2 Dec 2014
Posts: 2179
Thanks given: 1491
Thanks received: 1055
15 September 2018 - 4:29pm
#1

After reading this news, I decided not to play EOSBet whatsoever.
The players should be panic because it was closed down suddenly.

It would take long time for them to get players back.

sharpe

caWaroftheGods
Gold PlayerGold Player
WaroftheGods's picture
Location: Calgary
Joined: 27 Sep 2017
Posts: 642
Thanks given: 233
Thanks received: 568
16 September 2018 - 1:18am
#2

The first mistake they made was announcing to public how safe and secure their app was. If I was a hacker, right there, I'd be thinking , challenge accepted.

Sony Playstation and the PlayStation Network did the same thing a number of years ago. They got hacked and were down for a few days.
When they came back more secure and safe, they announced to the media, the fans, the world, that they have the new security and its unhackable. Hack proof, heard around the planet by hackers everywhere.
Three days later they got hacked and were down for almost a month lmao. This whole story is by memory alone so dont hate on me if details are wrong, the story is true lol

sharpe

auCL-Ed
StaffStaff
CL-Ed's picture
Location: Sydney
Joined: 7 Sep 2007
Posts: 8178
Thanks given: 4348
Thanks received: 3652
16 September 2018 - 11:56pm
#3

This is about example number 53 that I have seen of why the Ethereum network's implementation of "smart" contracts are a dumb idea. There is too much scope for programming errors that lead to disasters like this. And yeah, agreed, announcing to the world that you can't be hacked is just a red rag to a bull.

sharpe

Always play it safe! Consult our list of rogue casinos and warnings before depositing at a new casino.
Post in our forums to earn CLchips which can be used to buy real prizes in our CLchips shop.

usbarbadosslim93
Forum Angel
barbadosslim93's picture
Location: Michigan
Joined: 28 Jan 2011
Posts: 10510
Thanks given: 607
Thanks received: 1008
17 September 2018 - 3:47pm
#4

Yeah, I think telling someone you're unhackable is about the stupidest thing you can do. Why go boasting when being low-key would be the more secure way to conduct business?

sharpe

bgsharpe
Forum Angel
sharpe's picture
Location: Sofia, Bulgaria
Joined: 4 Nov 2014
Posts: 5891
Thanks given: 2415
Thanks received: 762
20 September 2018 - 5:12pm
#5

A bit in irony in that, don't you think1?!

I'm agree with all of you guys, it was a statement which should never to be made.

Post new comment

Have something to say? Agree or disagree? Tell us what you think!

Login using your social network account
Or log in with a Casino Listings account

Login or register to post comments

Registering for an account takes less than a minute and you will be brought right back here to comment afterwards.