EOSBet, a gambling dApp which uses EOS tokens, lost at least $338,000 from its operational wallets to hackers on October 15. This is the second attack in less than 60 days as a similar attack took place on September 14.
The attack has once again brought the platform’s security vulnerabilities to the forefront. Patrons were notified of the attack by the platform through a written presser.
The attack was streamlined to the platform by hackers using a malicious code, which tricked the EOS smart contract platform into ‘accidentally’ crediting their accounts with the token.
Though the exact value is unknown, a hacker who goes by the name ‘Ilovedice123’, was able to gather as much as 65,000 EOS and transfer it to a major cryptocurrency exchange.
The vulnerability was rectified after the fraudulent transactions were noticed by the dev team. They also released a statement about the same, advising patrons to check their wallets for duplicitous transactions.
The statement read:
“Any contract relying on transfer notifications from eosio.token should add this check immediately: if (transfer.to != _self) return; If you execute business logic on only incoming transfers, but reuse transfer action for both incoming and outgoing transfers, please use: if (transfer.from == _self || transfer.to != _self ) return;”
The million-dollar EOS gambling platform had fallen prey to a hacking attack a month earlier. In the attack that occurred on September 14, hackers had siphoned almost 40,000 EOS, worth at least $200,000 at that point in time.
The attack was the result of hackers exploiting a vulnerability in their smart contracts. Following the attack, devs had to take dApp offline to come up with a fix.
After the incident, EOSBet had vowed to harden its security measures to prevent any future attacks. In order to facilitate this, they had apparently arranged for extensive audits and had deployed third-party security companies.
The latest hacking incident has now raised the eyebrows of many users as some cryptocurrency enthusiasts have correlated it to the allegedly illicit transactions happening on the platform.
According to multiple reports and local media, a user profited over $600,000 on EOSBet after doubling his investment multiple times within 36 hours. However, EOSBet refuted the allegation, stating that the gambler won the money legitimately.
The post EOS-based gambling dApp EOSBet hacked again; $338,000 stolen from operational wallets appeared first on AMBCrypto.