Hackers Exploited Flaw In EOSBet Smart Contract To Steal 44,000 EOS


The crypto world has faced yet another cyber attack, losing several thousands of dollars to hackers. This time, the hackers targeted an EOS gambling app to steal money. Allegedly, they exploited a flaw in the EOSBet smart contract system to pilfer EOS worth $200,000.

Hackers Stole 40,000 EOS By Exploiting EOSBet Smart Contract System

On September 14, 2018, a Reddit user, u/thbourlove, posted in r/eos about a hacking attack on EOSBet. In his post, he laid out a speculated attack procedure that exploited a code vulnerability. He also proposed a way to mitigate the flaw.

Until then, EOS had not disclosed anything about the breach. After this post, however, they confirmed that their website had suffered a hack.

Later, they uploaded an official statement on Reddit explaining the breach.

As explained, the attacker “aabbccddeefg” tampered with the code to exploit the vulnerability and transfer EOS to “self”. He managed to steal 44,427.4302 EOS worth $200,000.

Shortly after noticing the breach, EOS patched the flaw in the code. They also “hardened” their security measures to prevent such occurrences in the future.

About The Attacker’s Account

Out of curiosity, LHN took a look at the attacker’s account “aabbccddeefg” to see what happened to the money he stole. When we first checked the account status, the balance was around 33K EOS. However, while we were writing this article, we observed continuous transfers of money to another account, “adobesystems”. Consequently, the account balance had dropped to approx. 10,000 EOS when we last checked.

EOSBet attacker

Below is a snapshot of the transactions we saw on this account.

EOSBet attacker account transaction

Digging further, we reached another account, “binancecleos”, which had a balance of 2,522,159.8248 EOS when we last checked. This account showed a continuous receipt of EOS from various other accounts, including adobesystems.

binancecleos account status

We are not sure whether there is a larger network of accounts pilfering users’ EOS from various sources, or something else. Let’s wait for more updates on the matter. Until then, make sure to keep your crypto assets safe from such breaches.

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]