A hacker was able to exploit a bug on EOSPlay in order to steal more than $110,000 in cryptocurrency.
Gambling App Manipulation
According to a report by CryptoSlate on Sept. 14, a hacker spent $1,000 in EOS in order to steal more than $110,000 in crypto by leveraging an exploit in the EOS-based gambling application EOSPlay. The scam involved the use of the largest EOS decentralized financial platform EOS REX, which lends crypto in exchange for additional CPU usage on the network's blockchain.
The report explains the hacker used REX to ensure that blocks were continuously filled with their transactions, thereby allowing them to win every roll on the gambling app.
In addition to exploiting the gambling platform, the report says the flood of =transactions have essentially frozen network function and made EOSIO “unusable.”
Due to leveraging CPU resources through REX, the hacker has crowded out others from participating on the network. Twitter account eosioAlabama described how the hacker could have manipulated the dice roll outcomes,
The billing rate dynamically increases for CPU and everyone basically gets locked out unless they have more eos staked than the attacker. The attacker had about 1 million eos staked to cpu from Rex in this case
The billing rate dynamically increases for CPU and everyone basically gets locked out unless they have more eos staked than the attacker. The attacker had about 1 million eos staked to cpu from Rex in this case— eosioAlabama (@eosioalabama) September 14, 2019
Other EOS users have taken to Twitter with the troubling news that the hacker’s impact may be expanding beyond REX and EOSPlay.
It seems that the scale of the attack is much larger than we originally expected.— Dexaran (@Dexaran) September 13, 2019
These are attacker's accounts:https://t.co/wdeRVVHT4Vhttps://t.co/euC2gEncj7https://t.co/7mrpdRfGLihttps://t.co/Wsl578HVPahttps://t.co/I0aTR8OvbQhttps://t.co/7ixE6VCoLfhttps://t.co/1QIOQDfDlw
Featured Image Credit: Photo via Pixabay.com