It is not the best time to be an EOS gambling platform. Another hacking has taken place. Two such platforms experienced breaches in the last week, with around $250,000 being stolen, and $600,000 being debated over.
The hacking of the first EOS smart contract took place on September 9. A user by the name of runningsnail was apparently getting to know lady luck rather intimately, going on a streak of $1,000 wins. The process seemed automated since the user would enter 10 EOS and after half a minute win the jackpot. DEOSGames stated on social media that indeed the platform was breached, and claimed, that the wrongdoing was “a good stress test” for the team.
Smart contracts on two EOS gambling platforms have been hacked in the last four days to the tune of more than a quarter of a million dollars, with another platform paying out $600,000 to one user in an unusual-looking jackpot which EOSBet insists was simply luck.
On September 14, /u/EOSBetCasino disclosed via Reddit, that a hacking worth $236,000 had taken place.
“Dear EOSBet Community,
On September 14th around 3:00AM UTC we experienced a hack and breach of our bankroll, resulting in a theft of 44,427.4302 EOS before our contracts were taken offline by the development team. The remaining 463,745 EOS in our EOSBETDICE11 and EOSBETCASINO contracts are safe, the vulnerability is patched, and we are back online. We want to be as transparent as possible in explaining this breach and addressing any concerns the community might have.”
The hacker found a way to use a bug in the code to their advantage, essentially allowing them to gamble without losses since their funds were not deposited to the smart contract, but very much being able to cash out their winnings. The perfect casino where no money is lost only gained.
The team behind the platform rectified their mistake. However, they got quite a backlash from Reddit users, who pointed out that they had previously stated that:
“We take security very seriously at EOSBet. Our code was audited extensively by our development team and multiple independent 3rd parties.”
The hacking statement appeared only a couple of days after someone on the same platform took home $600,000. They winnings were obtained over the span of 36 hours in a game of dice rolls, where the user would double their money. The EOSBet platform have stated that no hacking had taken place, and it was only the user’s good luck. This is presently being looked into.
WHY IS THIS IMPORTANT?
- Where is money, there will be people trying to obtain it through illegal means. These incidents have brought awareness to both devs and hackers that such hacks are possible due to negligence in the code.
- It can be expected that crypto gambling platforms will be rechecking their code, in order to ensure the future safety of their users and assets.