An ongoing exploit on EOSIO is allowing an attacker to win every roll on gambling dApp EOSPlay by paying to fill blocks with their transactions. So far, the attacker stole 30,000 EOS worth over $110,000 while making the network “unusable.”
A clever attacker was able to use REX, an EOS resource exchange for RAM and CPU, to ensure that blocks were filled with their transactions to continuously win on the gambling dApp EOSPlay. This resulted in the EOSIO network “freezing” as thousands of EOS were fed to the attacker’s wallet, as confirmed by another source.
For 300 EOS, worth a little over $1,000, the attacker was able to make away with 30,000 EOS tokens, said Jared Moore to CryptoSlate, an investor in the EOS ICO and an active community member. A look at on-chain transactions involved confirm the attack.
Until there’s a fork or a patch, the exploit can continue to be abused whenever a EOSIO user spends $1,000 or more on REX, Moore stated.
There’s discussion about getting the EOS Core Arbitration Forum (ECAF) involved to potentially freeze the account or reverse the unscrupulous transactions. This is controversial, however, since “technically he legally obtained” the funds, added Moore.
Until the exploit is resolved users are recommended to trade their EOS for stablecoin.
Disclaimer: Our writers’ opinions are solely their own and do not reflect the opinion of CryptoSlate. None of the information you read on CryptoSlate should be taken as investment advice, nor does CryptoSlate endorse any project that may be mentioned or linked to in this article. Buying and trading cryptocurrencies should be considered a high-risk activity. Please do your own due diligence before taking any action related to content within this article. Finally, CryptoSlate takes no responsibility should you lose money trading cryptocurrencies.