A hacker going online by the pseudonym of “aabbccddeefg” has exploited a vulnerability to steal over 24,400 EOS coins ($125,000) from a blockchain-based betting app.
The hack took place last night, and the targeted app is called EOSBet Dice, run by a company named EOSBet Casino. The app lets users bet EOS cryptocurrency as part of a classic dice game.
The game has been running online for a few months, but yesterday, a Reddit user spotted that an EOS user named aabbccddeefg had siphoned a large stack of funds from EOSBet Dice’s shared money pool.
The Redditor says he identified a vulnerability in the dice game’s source code, which, in turn, was based on an open source EOS dice-betting game called Fair Dice.
The hacker operated by sending a transaction to the EOSBet main game account, which exploited a lack of proper parameter checks that allowed the hacker to trick the game into sending back fake earnings.
“Yep, we were hacked,” EOSBet Casino admitted via its official Reddit account. “More details to come. Trying to figure it out ourselves.”
The company pulled the game following the attack.
Another Redditor keeping an eye on the hacker’s account noticed that the hacker wasn’t particularly interested in laundering his money and covering his tracks.
“So this guy hacks EOSBET and what does he do? Play space invaders. I’m not even kidding…,” the user said.
And to put the cherry on top of this whole incident, just a few days earlier, EOSBet had mocked a competitor on Twitter for getting hacked.
“DEOS Games, a clone and competitor of our dice game, has suffered a severe hack today that drained their bankroll,” EOSBet tweeted. “As of now every single dice game and clone site has been hacked. We have the biggest bankroll, the best developers, and a superior UI. Play on.”
Well, that’s that!