During the past four days, two EOS platforms have been hacked to the tune of more than a quarter of a million dollars (about 44,400 EOS).
EOS network: questionable from the start
This comes after EOS was voted the number one cryptocurrency by the Chinese government crypto ratings just 3 months ago. EOS has been praised for “outstanding technical advantages in transaction confirmation efficiency, network throughput, and transaction costs” of the protocol. However, the Chinese government’s ranking criteria has been criticized as just a week prior to the public release of ratings, EOS experienced platform stalls, ongoing criticism over its technological stability, and freezing of users’ funds.
In June 2018, renowned developer and computer science professor at Cornell university, Emin Gün Sirer, warned that there will be a massive hack on EOS next year (in 2019). His warnings came sooner than expected.
Furthermore, a few weeks ago the EOS network proved vulnerable, as a bug was discovered that allowed hackers to steal RAM resources from users. RAM is an essential resource within the ecosystem, as each dApp uses it to store data. Developers are trying to amend these issues regularly, but since the technology is new, issues still persist throughout the network.
Hack #1: DEOSGames ($24,000 Stolen)
The first hack came on September 9th when a DEOSgames user experienced what looked like a winning streak, with payments of around $1000 several times (made dozens of times). The user would deposit 10 EOS and then win the jackpot 30 seconds later. The process can be viewed here, in the user’s EOSflare account overview.
Hack #2: EOSBet ($236,000 Stolen)
The second hack occurred on September 14th on another EOS betting platform. EOSBET released a statement on Reddit explaining the nature and scale of the smart contract hack:
“Dear EOSBet Community,
On September 14th around 3:00AM UTC we experienced a hack and breach of our bankroll, resulting in a theft of 44,427.4302 EOS before our contracts were taken offline by the development team. The remaining 463,745 EOS in our EOSBETDICE11 and EOSBETCASINO contracts are safe, the vulnerability is patched, and we are back online. We want to be as transparent as possible in explaining this breach and addressing any concerns the community might have.”
The hacker exploited a flaw in the code that could bypass a transfer function, which meant that their funds were not deposited to the smart contract. When they lost, they did not have to pay, but when they won, they won real money which they could cash out. This allowed the hacker to gamble in a risk-free casino.
In the same statement, the team wrote:
“We take security very seriously at EOSBet. Our code was audited extensively by our development team and multiple independent 3rd parties. Despite this, there was still a vulnerability in our smart contract. The task moving forward is to strengthen our security practices, ensuring that a similar event does not occur in the future”.
EOS is the second largest ICO is history, behind only Petro, an ICO created by the Venezuelan government. Despite all this money, EOS still continues to work through platform upgrades, bugs, and changes—just like the rest of the world’s ICOs. This goes to prove 3 things:
- The cryptocurrency market is still in its early stages and are evolving every day
- Money alone cannot speed up technological innovation and development. The most successful projects in 5-10 years may not necessarily be the ones that raised the most money
- Slow market adoption doesn’t mean that cryptocurrencies are doomed to fail. It just means that crypto-related projects need time to deal with bugs and network improvements to properly onboard the masses when the time is right
Images from Pexels
“B2B reporter – Content Manager – Contributor – Fintech – Blockchain – Cryptocurrency”
Simon Chou is a B2B reporter and content manager specializing in technology and finance. He has worked with many clients in the fintech and blockchain space. He holds investment positions in bitcoin and other large-cap cryptocurrencies, and has been reporting on cryptocurrency since 2017. Currently, Simon is the content manager for a major cryptocurrency exchange @HybridBlockHQ.