Hackers managed to attack the decentralized gambling app EOSBet again. The attackers stole at least $338,000 in EOS cryptocurrency from operating wallets. Just a month ago, hackers stole $200,000 from EOSBet, exploiting another vulnerability in a smart contract for the gambling platform.
This time, cybercriminals managed to fool the smart contract by infiltrating standard EOS accounts with a special malicious code. As a result, the smart contract mistakenly transferred a large amount of crypto to the accounts of intruders. In the screenshot, you can see how the hackers transferred 65 thousand EOS tokens ($338,000) to the Poloniex crypto exchange using one of the accounts ('ilovedice123').
Just a month ago, $200,000 was stolen from EOSBet in a hackers’ attack. Then a bug allowed an intruder to bet without depositing funds into his account. With a loss, he did not lose money, and in case of a win, he received payments in full. EOSBet developers were able to quickly resolve the error in the code. They also increased the gain from 1% to 4% of the bankroll in order to keep the maximum bet size unchanged.
Our bankroll size has been decreased as part of a series of security upgrades. Don't worry whales, the maximum bet size HAS NOT changed. More here: https://t.co/mw51Fvm30F— EOSBet (@EOSBetCasino) September 16, 2018
It is worth noting that problems haunt EOS often enough. For example, in September, a vulnerability in EOSBet allowed the player to get a win several times in a row. Within an hour, the blockchain platform paid the jackpot to a user under the nickname 'runningsnail' 24 times, a total of 197 EOS (about $1,000).
We are back up and running with EOS game for last 6+ hours. Yesterday, we got a malicious contract exploit our contract. it is a good stress test and we got significant improvements on contract level. Keep doing what we do, remember we are still in beta!— DEOSGames (@DEOS_Games) September 10, 2018
In October, another gambling EOS-application Se7ens was under attack. A member of the community took advantage of the vulnerability in a smart contract and accrued one billion tokens, which soon disappeared. Shortly before this event, the developers of the EOS-game announced that they would distribute half of the entire supply of tokens among EOS holders and each account would receive 10 thousand tokens.
However, one of the accounts received a billion SEVEN tokens. A user explained what had happened on Reddit. Immediately after that, his balance was trimmed to 100 thousand tokens. According to the developers, this was a reward for identifying the bug. However, the user was unhappy. He decided that the project could, at its discretion, change the balance sheets. “I wonder how they plan to be listed on an exchange with such treatment of their assets,” he said.
After these incidents, the EOSBet team promised that their code would be comprehensively verified by both the developers and several independent parties. In addition, they pledged to strengthen security measures. A funny thing: initially the creators of EOSBet declared that their platform is the safest of its kind.
Subscribe to our Telegram channel to stay up to date on the latest crypto and blockchain news.