Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
GMBL COMPUTER was attacked, and the attacker withdrew GMBL worth approximately US$815,000 from the contract. GMBL said: “We believe that the vulnerability is caused by a flaw in the platform’s recommendation system, which allows people to place bets without depositing any funds and use them to generate referral bonuses. We have identified the exploiter and are working to recover all funds lost due to this exploit. The GMBL team stated that they provided a "Bug Bounty" to the attackers to return 90% of the stolen funds in exchange for a promise not to take legal action. On September 6, the attackers returned 235 ETH (approximately $382, 000), which is 50% of the stolen funds. Attack method (per SlowMist): Contract Vulnerability. Reported loss: $ 815,000.
- chain
- —
- protocol
- GMBL COMPUTER
- bug_class
- logic
- date_occurred
- 2023-09-05
- loss_usd
- $815,000
- source_id
- sm:gmbl-computer::2023-09-05