On September 14, EOSBet Dice, a gaming dApp of EOSBet Casino has been hacked following a similar heist on its competitor DEOSGames two days ago. The EOS-based gaming platform was siphoned off with almost 44,400 EOS worth more than USD 240,000 by exploiting its vulnerabilities on their smart contracts.
The hacker going by its pseudonym aabbccddeefg was reportedly able to steal 44,427.4302 from the EOSBet’s platform wallet.
An EOSBet spokesperson confirmed the hack, stating:
“A few hours ago, we were attacked, and about 40,000 EOS was taken from our bankroll. […] This bug was not minor as was stated previously, and we are still doing forensics and piecing together what happened.”
According to Hard Fork, a Redditor was the first to share what he found out about the platform’s vulnerability. It was reported that 23 transactions in less than five minutes were done by sending varying amount to the hacker’s account.
Small amounts of EOS have been sent to the attacker’s account with some threatening messages attached. Using an account name very similar to the official EOSBet wallet, someone is sending seemingly official communication in a bid to appear legit
EOS has been sent into the hacker’s account in small amount attached with a threatening message.
It seems that the hackers used a fake hash to be able to externally call the platform’s ‘transfer’ function.