Connect with us
Active Currencies 15475
Market Cap $3,334,989,098,802.90
Bitcoin Share 58.11%
24h Market Cap Change $1.28

EOS gambling dApp’s loophole exploited; attacker walks away with 30,000 EOS

1min Read

Share this article

The parent blockchain of EOS token, EOSIO became a casualty of an attack, after a gambling dApp was exploited by an attacker, accumulating 30,000 EOS (approximately amounting to 111,000 $) in the process.

The intruder reportedly took advantage of a loophole in the dApp EOSplay, permitting him to win consecutive rolls by filling the blocks with paid transactions.

Twitter user @rektkid, was one of the first to notice the intrusion. He took to the social media platform to explain that the attacker had taken the help of REX, an ESO resource exchange for RAM and CPU outlets, which led to consistent fill-up of blocks with transactions, allowing him to create a continuous win situation on the gambling app. After over 30,000 EOS was transferred to the attacker’s wallet, the blockchain’s network froze.

Source: Twitter

However, the attack may have effected the network more than it was expected.

Another twitter user Dexaran, provided more insight into the attack and claimed that all his contracts on the EOS mainnet had stopped due to high network congestion. He added that his 20 staked EOS CPU gave him a feeble network signal of 6 ms instead of the 2800 ms in normal state.

He contemplated the intruder’s plan of action and addressed how the attack occurred. An update on the network was released by Dexaran. He said,

Attack stopped, network is back in a normal mode.

>30K EOS stolen because of the vulnerability of DApp design.

Not $EOS flaw. Just a smart-contract that was hacked. To smart-contract devs: 1. Follow best security practices. 2. Do not rely on on-chain source of entropy in EOS.”

Share

Biraajmaan is a full-time journalist at AMBCrypto covering the US market. A graduate in Automobile engineering, he writes mainly about regulations and its impact with a focus on technological advancements in the crypto space.
Read the best crypto stories of the day in less than 5 minutes
Subscribe to get it daily in your inbox.
Please check the format of your first name and/or email address.

Thank you for subscribing to Unhashed.