EOS dApps (decentralized applications) appear to be vulnerable to attack. Indeed, EOSBet has been hacked, exploiting security openings once again in spite of statements claiming previously hacked smart contract issues were corrected and audited. It seems there were still some holes in their armor. This time the pain was much more intense. Hackers managed to squeeze $338K from a vulnerability in a dice game, a favorite wager among online gamblers.
EOS dApps, Such as EOSBet, are Vulnerable
“Twice the pain, double the pleasure,” some say. EOSBet developers are learning the hard way. The EOS community and the cryptocurrency have earned a bad reputation due to recent security vulnerabilities, but the truth is all “smart contract” capable cryptocurrencies are as “smart” as the people who programmed them. And we are sure EOSBet managers must be frantic, searching for new programmers now that they have been hacked yet again.
Supposedly hackers were smarter than smart contracts, and managed to inject EOS accounts with malicious code to trigger automatic rewards every time users made a transfer. In this way, every time one account transferred a number of EOS, the system awarded that same number of EOS to them. The attack went for only a short period of time, but the damage EOSBet took was heavy.
Not the First Time
This was not the first time suspicious activity has been detected within this online gambling casino. Last month, a vulnerability was discovered and the company lost more than $200K, having just recently launched their platform. Also, they shockingly stated that a user being awarded more than $600K by doubling his bet consistently in 36 hours was legit, and “pure luck,” which appears to be a strategy or PR move to hide obvious vulnerabilities from their users.
It also seems all of these EOS based dApps are struggling to gain the upper hand on security issues, and hackers are flocking in search of a good bounty to poke defenses to see which can be exploited. We’ll see in the future how many more dApps fall to their own incompetence.
CONTINUE THE SPICE and check out our piping hot YouTube channel.