How a DoS Attack Secured the Fomo3D Ethereum Game Winner
The article dissects the sophisticated DoS attack that let a player win the Fomo3D Ethereum game by flooding the transaction pool with high‑gas‑price garbage calls, detailing the game mechanics, Ethereum gas economics, block‑by‑block execution, and the extensive technical preparation required.
Background and Goal
When the first round of the Ethereum‑based gambling game Fomo3D:Long ended on August 22, a player at address 0xa169… withdrew 10,469.66 ETH despite having invested less than 0.8 ETH. The win was not luck but the result of a carefully planned denial‑of‑service (DoS) attack.
Game Mechanics Relevant to the Attack
The game starts a 24‑hour countdown; when the timer expires, the last buyer of a key receives 48 % of the prize pool.
Each key purchase adds 30 seconds to the countdown.
The winning condition is therefore to be the last buyer before the timer ends. In a traditional setting this would require all other players to run out of funds, but on Ethereum an attacker can prevent other purchase transactions from being confirmed, effectively creating a DoS.
Attack Principle on Ethereum
Ethereum miners select transactions from the transaction pool based on economic incentive: higher gasPrice transactions are prioritized. Miners cannot distinguish between legitimate contract calls and “garbage” calls that do nothing useful. By broadcasting a large number of high‑gas‑price, low‑utility transactions, an attacker can fill a block’s available gas, crowding out normal transactions.
Key Technical Concepts
Each block’s total gas consumption is capped by the block gasLimit (≈8 million gas). A transaction is included only if the gas it needs fits within the gas still remaining in the block.
Transaction fee = (21000 gas base + data‑size gas + execution gas) × gasPrice. Insufficient balance prevents inclusion.
The actual gas needed for a transaction is known from the current world state, allowing miners to assess its economic value.
Step‑by‑Step Attack Timeline
Block 6191896 : The attacker buys a key, extending the timer.
Blocks 6191897‑6191902 : The attacker fills the blocks with “garbage” contract calls using average gas prices (~20 GWei) while monitoring that no other keys are purchased.
Blocks 6191903‑6191908 : Gas price is raised dramatically (190 GWei, then up to 500 GWei). The blocks contain only a handful of simple transfers; the rest of the gas is consumed by the attacker’s high‑price garbage transactions, effectively blocking other players.
Block 6191909 : Network conditions normalize; subsequent purchase attempts are ignored because the contract’s timestamp has already passed the end condition.
In block 6191907 a transaction with a gas price of 5,559.7 GWei failed due to an insufficient gas limit, costing the sender 2.1 ETH without winning the prize.
Technical Details of the Garbage Transactions
Many failed transactions contain the EVM “Bad Instruction” opcode 0xfe. In Solidity, require and revert use opcode 0xfd (which refunds remaining gas), while assert triggers 0xfe, consuming all supplied gas.
The attacker varied gasLimit values (from hundreds of thousands to several million) to match the remaining gas in each block, ensuring that at least some garbage transaction could always be included.
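An added example (not from the original article or from any Fomo3D tooling) of how an observer could flag this pattern from block data: it measures how much of each block's gas limit went to failed calls that consumed their entire gas limit, as 0xfe failures do, and reports runs of consecutive blocks dominated by them. The Tx and Block types, the 80 % threshold, the minimum run length and the sample blocks are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class Tx:
    gas_limit: int   # gas supplied by the sender
    gas_used: int    # gas consumed according to the receipt
    success: bool    # receipt status

@dataclass
class Block:
    number: int
    gas_limit: int
    txs: list

def burned_gas(block):
    """Gas eaten by failed calls that consumed their whole gas limit,
    as 0xfe failures do (a 0xfd revert refunds the remainder and is not counted)."""
    return sum(t.gas_used for t in block.txs
               if not t.success and t.gas_used == t.gas_limit)

def stuffed_runs(blocks, share=0.8, min_len=3):
    """(first, last) numbers of runs of >= min_len consecutive blocks in which
    burned gas is at least `share` of the block gas limit (assumed thresholds)."""
    runs, current = [], []
    for b in sorted(blocks, key=lambda b: b.number):
        hit = burned_gas(b) / b.gas_limit >= share
        if hit and current and b.number == current[-1] + 1:
            current.append(b.number)      # extend the current run
            continue
        if len(current) >= min_len:       # run ended: keep it if long enough
            runs.append((current[0], current[-1]))
        current = [b.number] if hit else []
    if len(current) >= min_len:
        runs.append((current[0], current[-1]))
    return runs

# Constructed sample data (not taken from the chain); block numbers are placeholders.
LIMIT = 8_000_000
def _normal(n):   # a few transfers plus one reverted call that was refunded (0xfd)
    return Block(n, LIMIT, [Tx(21_000, 21_000, True)] * 5
                 + [Tx(500_000, 30_000, False)])
def _stuffed(n):  # three all-gas failures sized to fill the block, one transfer
    return Block(n, LIMIT, [Tx(4_200_000, 4_200_000, False),
                            Tx(3_000_000, 3_000_000, False),
                            Tx(700_000, 700_000, False),
                            Tx(21_000, 21_000, True)])
SAMPLE = [_normal(100), _normal(101)] + [_stuffed(n) for n in range(102, 106)] + [_normal(106)]
```

On the sample, `stuffed_runs(SAMPLE)` reports one run covering blocks 102 to 105; the refunded revert in the normal blocks does not count toward the burned share.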
Operational Requirements
Direct connections to the top five to ten mining pools (or full nodes very close to them) to obtain real‑time block data.
Custom client software capable of monitoring block headers and simultaneously broadcasting dozens of pre‑crafted transactions.
Synchronised sending of the garbage transactions to multiple pools to minimise latency‑induced inclusion of rival purchases.
Conclusion
The attacker’s plan was meticulously prepared, patient, and technically sound, costing an estimated >40 ETH in transaction fees. While the method demonstrates a powerful exploitation of Ethereum’s gas economics, reproducing it requires substantial resources, expertise, and coordination.
This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contact us and we will review it promptly.
Senior Brother's Insights
A public account focused on workplace, career growth, team management, and self-improvement. The author is the writer of books including 'SpringBoot Technology Insider' and 'Drools 8 Rule Engine: Core Technology and Practice'.
