X
Tech

Blockchain betting app mocks competitor for getting hacked. Gets hacked four days later

Hacker steals roughly $220,000 from blockchain-based online gambling app by exploiting vulnerability in EOS smart contract (game's source code).
Written by Catalin Cimpanu, Contributor

A hacker going online by the pseudonym of "aabbccddeefg" has exploited a vulnerability to steal over 44,400 EOS coins ($220,000) from a blockchain-based betting app.

The hack took place last night, and the targeted app is called EOSBet Dice, run by a company named EOSBet Cassino. The app lets users bet EOS cryptocurrency as part of a classic dice game [video].

Also: 7 tips for SMBs to improve data security TechRepublic

The game has been running online for a few months, but yesterday, a Reddit user spotted that an EOS user named aabbccddeefg had siphoned a large stack of funds from the EOSBet Dice's shared money pool.

The Redditor says he identified a vulnerability in the dice game's source code --which, in turn, was based on an open source EOS dice-betting game called Fair Dice.

hacked-dice-game.png

The hacker operated by sending a transaction to the EOSBet main game account, which exploited a lack of proper parameter checks that allowed the hacker to trick the game into sending back fake earnings.

Also: Bitcoin Gold delisted from major cryptocurrency exchange after refusing to pay hack damages

"Yep, we were hacked," EOSBet Cassino admitted via its official Reddit account. "More details to come. Trying to figure it out ourselves."

The company pulled the game following the attack.

Another Redditor keeping an eye on the hacker's account noticed that the hacker wasn't particularly interested in laundering his money and losing his tracks.

"So this guy hacks EOSBET and what does he do? Play space invaders. I'm not even kidding...," the user said.

Also: Best Home Security Devices for 2018 CNET

And to put the cherry on top of this whole incident, just a few days earlier, EOSBet had mocked a competitor on Twitter for getting hacked.

"DEOS Games, a clone and competitor of our dice game, has suffered a severe hack today that drained their bankroll," EOSBet tweeted. "As of now every single dice game and clone site has been hacked. We have the biggest bankroll, the best developers, and a superior UI. Play on."

Well, that's that!

eosbet-mock.png

These are 2018's biggest hacks, leaks, and data breaches

Previous and related coverage:

What is malware? Everything you need to know

Cyber attacks and malware are one of the biggest threats on the internet. Learn about the different types of malware - and how to avoid falling victim to attacks.

Security 101: Here's how to keep your data private, step by step

This simple advice will help to protect you against hackers and government surveillance.

VPN services 2018: The ultimate guide to protecting your data on the internet

Whether you're in the office or on the road, a VPN is still one of the best ways to protect yourself on the big, bad internet.

Editorial standards