Hedera Hashgraph (HBAR), a public distributed ledger technology (DLT) platform, confirmed on March 14, 2023, that millions of service tokens were stolen as a result of a breach in its mainnet. The incident occurred on March 10, 2023, and was reported by the platform’s users, who noticed a significant drop in their service token balance.
Analysis of the Investigation:
After conducting a thorough investigation, Hedera discovered that the attack was caused by a vulnerability in its smart contract code, which allowed an attacker to manipulate the service token balance of certain accounts. The platform’s security team was immediately alerted, and they worked quickly to contain the breach and prevent any further losses.
Hedera Hashgraph confirmed that the stolen tokens have been traced to several different cryptocurrency exchanges, and the platform is working with law enforcement agencies to track down the perpetrators and recover the stolen funds. The company also stated that it is taking steps to strengthen its security measures and prevent similar incidents from occurring in the future.
What Happened:
The hackers transferred Hedera Token Service tokens from victims’ accounts to their own account. The attack was specifically targeted towards accounts used as liquidity pools on multiple DEXs that use Uniswap v2-derived contract code, such as @Pangolin_Hedera, @SaucerSwapLabs, and @HeliSwap_DEX.
However, when the attackers tried to move the tokens obtained through these attacks over the @HashportNetwork bridge, the bridge operators detected the activity and disabled it immediately. Hedera community members, including @swirldslabs, @HBAR_foundation, @LimeChainHQ, @Pangolin_Hedera, @SaucerSwapLabs, and @HeliSwap_DEX teams, collaborated to investigate the attack. In order to prevent the attacker from stealing more tokens, Hedera turned off mainnet proxies, which restricted user access to the mainnet. The root cause of the issue has been identified and the team is currently working on a solution. Once the solution is ready, Hedera Council members will sign transactions to deploy updated code on mainnet to remove the vulnerability. At that point, the mainnet proxies will be turned back on, allowing normal activity to resume.
The platform has urged its users to remain vigilant and report any suspicious activity on their accounts immediately. It has also assured its users that their personal information and other sensitive data have not been compromised in the breach.
According to SaucerSwap Labs: “An ongoing exploit has hit the Hedera network this morning. The exploit is targeting the decompiling process in smart contracts. At the time of writing, attackers have hit Pangolin and HeliSwap pools containing wrapped assets. We are unsure if other HTS tokens are at risk too. We are actively investigating and are in talks with the other dexes on the network and trying to look for ways to mitigate the vulnerability.”
This incident serves as a reminder of the importance of security measures in the blockchain and cryptocurrency industry. As the industry continues to grow, it is essential that platforms and exchanges prioritize security to ensure the safety and protection of their users’ funds and information.