120 hack event(s)
Description of the event: EOS game Poker EOS appears abnormal, which is confirmed to be caused by the disclosure of the private key of the game. The hackers made more than 20,000 EOS in total, and more than 10,000 of them have been transferred to the exchanges.
Amount of loss: 26,992.2297 EOS Attack method: Private Key Leakage
Description of the event: The attacker constructed the malicious memo, which caused the eosblue.one server parsing exceptions, thus continuously winning prizes or leading to unusually large refunds.
Amount of loss: 12,883 EOS Attack method: Memo attack
Description of the event: Attackers continue to make continuous profits by creating new accounts and calling the luckydraw method of the EOS quiz game DEOS Games contract. Currently, over 300 accounts have been created and thousands of EOS have been accumulated. Different from the known attack characteristics in the past, it is preliminarily judged that this attack is a new type of attack. The attacker creates new accounts in batches, and then places small bets in exchange for a larger return. The return rate of betting is abnormally high, resembling "wool wool".
Amount of loss: 2,090 EOS Attack method: Automatically attack lucky draw system
Description of the event: The attacker launched continuously attacks and profit from the EOSlots, and the game has been suspended operations.
Amount of loss: 2,468.92 EOS Attack method: Random number attack
Description of the event: The attacker once again launched an attack on the EOS quiz game eosnowbetext. After preliminary analysis, the attacker still manipulated multiple trumpets to attack the game through transaction squeeze, and has already made a profit.
Amount of loss: 200 EOS Attack method: Transaction congestion attack
Description of the event: ZION.games sustained attack by malicious users ggggggggggxx, profits of more than 2849 EOS, and transferred to the Binance Exchange. The attack is similar to the attack on TGON, suspected to be the same group.
Amount of loss: 2,849 EOS Attack method: Roll back attack
Description of the event: The attacker controlled multiple accounts to launch continuously attacks on the TGON, made thousands of EOS in profit from the TGON, and transferred to the Binance Exchange.
Amount of loss: 1,606.8268 EOS Attack method: Roll back attack
Description of the event: The attacker launch continuously attacks and profit from the dBet Games.
Amount of loss: 24.8 EOS Attack method: Transaction congestion attack
Description of the event: The attacker justjiezhan1 launched an attack on the EOS game "cubecontract" and has already made a profit. Prior to this, the attacker justjiezhan1 started deploying the attack contract at around 12:00:41 on the same day. The analysts preliminary analyzed that the attacker was, still the same as the previous attack mean, transaction congestion attack.
Amount of loss: 49.6 EOS Attack method: Transaction congestion attack
Description of the event: The attacker launched continuously attacks and profit from the EOSVegas. The analysis found that the attack mean used by the attacker was transaction congestion attack. The account is extremely active. It just attacked the quiz game EOS Cube and its related account has been marked as high risk.
Amount of loss: 39 EOS Attack method: Transaction congestion attack
Description of the event: The attacker justjiezhan1 launched an attack on the EOS game "YUM.games" and has already made a profit. After analysis, it is suspected that the attacker calls "gamestart" and draws the prize directly without betting the game.
Amount of loss: 113 EOS Attack method: Contract Vulnerability
Description of the event: The attacker launched continuously attacks on the LuckyGo, profiting hundreds of EOS.
Amount of loss: 200 EOS Attack method: Transaction congestion attack
Description of the event: The attacker launched continuously attacks on the dBet Games, profiting hundreds of EUSD which stablecoins issued on EOS. And has sold through the decentralized exchange Newdex.
Amount of loss: 685 EUSD Attack method: Transaction congestion attack
Description of the event: The attacker launched continuous attacks on EOS DApp nkpaymentcap and successfully profited 50,000 EOS. After analysis, it was found that the attacker used a fake transfer notification attack to obtain a large number of contract tokens, and then exchanged the tokens into real EOS for cash out through the DApp contract.
Amount of loss: 50,000 EOS Attack method: Transfer error prompt
Description of the event: The attacker launched a continuous attack on the EOS quiz game Vegas Town, profited thousands of EOS, and has been transferred to the ZB exchange. Preliminary analysis found that hackers used the failed (hard_fail) transfer transaction to cheat the game server, resulting in continued awards.
Amount of loss: 2,219 EOS Attack method: Hard_fail attack
Description of the event: The attacker launched a continuous attack on the EOS quiz game Gamble EOS, successfully profited thousands of EOS, and has been transferred to the Huobi exchange. After analysis, it was found that the attack method used by the attacker was a false transfer notification.
Amount of loss: 2,043.6 EOS Attack method: Transfer error prompt
Description of the event: The attacker launched a series of attacks on the EOS quiz game Fishing Joy, profiting hundreds of EOS. According to analysis, the attacker used the transaction crowding attack to trigger the game's refund mechanism, resulting in 100% profit.
Amount of loss: 109.33 EOS Attack method: Transaction congestion attack
Description of the event: The attacker co****op launched continuous attacks on the EOS quiz game contract xlo*****io and has already profited hundreds of EOS. After preliminary analysis, the attacker used the logic defect of the game contract by directly invoking the transfer method, and multiple accounts coordinated to carry out the attack.
Amount of loss: 42 EOS Attack method: Logic Vulnerability
Description of the event: The attacker launched continuously attacks on the OnePlay, getting almost all EOS of the game contract. And use the same attack mean to bet the game token ONE, profit nearly one million game tokens, and then transfer to the newdex exchange for sale.
Amount of loss: 449 EOS Attack method: Random number attack
Description of the event: Hackers launched continuous attacks on the EOS quiz game EOS Happy Valley, and they have profited hundreds of EOS. The game party has transferred the account balance away. Attackers still use transaction crowding out attacks. To completely fix this vulnerability, DApp developers should remove controllable variables such as account balance or time factors to participate in random number generation.
Amount of loss: 419 EOS Attack method: Transaction congestion attack