Key Points:
Here is what happened:
Someone was able to spoof a call and get a signature from our server, then pass it to the contract and pull almost 500 ETH worth of GMBL out of the contract.
THE GOOD NEWS:
This is not a contract vulnerability. We have identified the root cause, which is…
— GMBL.COMPUTER (🤑, ♻️) (@gmblcomputer) September 6, 2023
GMBL.COMPUTER says this is not a contractual vulnerability. The source of the problem has been found and it occurred off-chain. The platform has all their information and the process of recovering the funds has been initiated.
Bug bounties are offered to hackers to avoid legal action if the stolen funds are returned.
“If you’d like us to treat this as a white hat, please send 90% of the funds back to our ARB MULTISIG 0x4263FDcddde978cc9239199Bf8533a064db9dF5E and keep 10% as a bounty. If we do not recieve the funds by tomorrow at 9pm EST, we will proceed with legal action”
Notification sent to hackers.
DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
