Hackers managed to extract 40,000 EOS (EOS) or about $210,000 at the current exchange rate, after attacking a decentralized betting application (DApp) known as EOSBet.
Hackers stole 40,000 EOS (EOS) from EOSBet DApp
The hackers exploited some vulnerabilities in EOSBet smart contracts and managed to extract EOS (EOS) tokens directly from the DApp’s operational wallet.
“A few hours ago, we were attacked, and approximately 40,000 EOS (EOS) were taken from our wallet,” stated an EOSBet spokesman.
According to the press release, there is every indication that cybercriminals tricked the system with a fake hash to use EOSBet’s “transfer” function externally. No official explanation of the fact has yet been issued. However, the spokesman would have admitted that an error within the code facilitated the success of the attack.
Until the internal investigation reaches a conclusion and every threat is eliminated, the DApp remains disconnected.
“EOSBet should be back online relatively quickly. We have reduced the error to an incorrect assertion statement in our code,” the spokesman said.
That is not the first attack on EOSBet
At the end of August, the EOS.io platform detected the theft of storage space resources through EOSBet’s smart contract. That hacking revealed several flaws in the EOS code.
At that time, the developers of the DApp also temporarily deactivated their platform to minimize damage.
On the other hand, a lucky player managed to win about $600,000 by betting on EOSBet, earlier this week. On that case, EOSBet representatives declared that the platform had not been hacked and that the winner’s account activity was legitimate.
Recently, another EOS DApp, TRYBE, performed an action that alarmed users when it reversed an operation in which it had sent too many tokens during an airdrop. The developers of the DApp decided to access the wallets of the beneficiaries directly and to recover the extra EOS (EOS) tokens. That was done without the consent of the users, however.