Hacker Exploits Ethereum Gambling App EOSBet for $200,000

This story was published more than 2 years ago.

This week gambling group EOSBet had their Ethereum "DApp" hacked for 40,000 EOS cryptocoins ($200,000 USD) when hackers exploiting vulnerabilities in the app's smart contracts.

The hack comes as an embarrassment for the group, as they recently declared the app to be the safest and most secure around. The hackers reportedly found a glitch in the code, and used a transfer function to use a fake hash, which then tricked the EOSBet app into sending large amounts of the coin to various accounts.

In a statement to players an EOS representative wrote: "A few hours ago, we were attacked, and about 40,000 EOS was taken from our bankroll. This bug was not minor as was stated previously, and we are still doing forensics and piecing together what happened."

"[EOSBet] should be back online relatively quickly. We have narrowed down the bug to a faulty assertion statement in our code. After talking with other developers and BPs, it seems like other games were also attacked using this same exact code (abi forwarder.)"

Earlier in the week a punter reportedly won $600,000 on the site, although EOSBet claims that the win was legitimate and not part of the hacks that occurred with this incident.

Players should be wary of playing at EOSBet at this time, especially in light of the attack. It should be noted that we haven't had a chance to review the casino and are withholding judgment on whether or not they're legitimate until we've had the opportunity to conduct a thorough review.

About the author

Dustin Jermalowicz // News Editor
Dustin Jermalowicz
Dustin has a long-standing passion for gambling. He has been writing professionally on the subject and breaking industry news for Casino Listings since 2011. His favorite casino games include Blackjack, Poker, and Hi/Lo. A proud native of Detroit, Dustin currently lives in Michigan.
5 replies • Last post

Comments

krcoolsongss
High RollerHigh Roller
coolsongss's picture
Joined: 2 Dec 2014
Posts: 2730
Thanks given: 2022
Thanks received: 1350
15 September 2018 - 4:29pm
#1

After reading this news, I decided not to play EOSBet whatsoever.
The players should be panic because it was closed down suddenly.

It would take long time for them to get players back.

sharpe

caWaroftheGods
Slots FanSlots Fan
WaroftheGods's picture
Location: Calgary
Joined: 27 Sep 2017
Posts: 1111
Thanks given: 469
Thanks received: 1090
16 September 2018 - 1:18am
#2

The first mistake they made was announcing to public how safe and secure their app was. If I was a hacker, right there, I'd be thinking , challenge accepted.

Sony Playstation and the PlayStation Network did the same thing a number of years ago. They got hacked and were down for a few days.
When they came back more secure and safe, they announced to the media, the fans, the world, that they have the new security and its unhackable. Hack proof, heard around the planet by hackers everywhere.
Three days later they got hacked and were down for almost a month lmao. This whole story is by memory alone so dont hate on me if details are wrong, the story is true lol

sharpe

auCL-Ed
StaffStaff
CL-Ed's picture
Location: Sydney
Joined: 7 Sep 2007
Posts: 9439
Thanks given: 5397
Thanks received: 4774
16 September 2018 - 11:56pm
#3

This is about example number 53 that I have seen of why the Ethereum network's implementation of "smart" contracts are a dumb idea. There is too much scope for programming errors that lead to disasters like this. And yeah, agreed, announcing to the world that you can't be hacked is just a red rag to a bull.

sharpe

Always play it safe! Consult our list of rogue casinos and warnings before depositing at a new casino.
Post in our forums to earn CLchips which can be used to buy real prizes in our CLchips shop.

usbarbadosslim93 Recently online: 3 min ago
Forum AngelForum Angel
barbadosslim93's picture
Location: Michigan
Joined: 28 Jan 2011
Posts: 12104
Thanks given: 724
Thanks received: 1700
17 September 2018 - 3:47pm
#4

Yeah, I think telling someone you're unhackable is about the stupidest thing you can do. Why go boasting when being low-key would be the more secure way to conduct business?

sharpe

bgsharpe
Forum AngelForum Angel
sharpe's picture
Location: Sofia, Bulgaria
Joined: 4 Nov 2014
Posts: 7358
Thanks given: 3981
Thanks received: 1092
20 September 2018 - 5:12pm
#5

A bit in irony in that, don't you think1?!

I'm agree with all of you guys, it was a statement which should never to be made.