Hedera confirms exploit leading to service token theft

The team at Hedera, responsible for the distributed ledger Hedera Hashgraph, has confirmed that a smart contract has been exploited on the Hedera Mainnet, leading to the theft of several tokens from liquidity pools.

Focused on liquidity pool tokens on DEXs

According to Hedera, the attacker targeted liquidity pool tokens on decentralized exchanges (DEXs) that based their code on Uniswap v2 on Ethereum and transferred them for use on the Hedera Token Service. Hedera confirmed the exploit in a Twitter message.

Hedera’s team stated that suspicious activity was noticed when the attacker attempted to transfer the stolen tokens, which consisted of liquidity pool tokens on SaucerSwap, Pangolin, and HeliSwap, through the Hashport bridge. The bridge operators reportedly noticed the exploit quickly and responded by temporarily shutting down the bridge. The Hedera team has not (yet) revealed exactly how many tokens were stolen. There may be an ongoing investigation into this.

Hedera’s Network Upgrade

On February 3, Hedera upgraded the network to convert Ethereum Virtual Machine (EVM)-enabled smart contract code to the Hedera Token Service (HTS). This upgrade involved decompiling the Ethereum contract bytecode to the HTS, which is where the Hedera-based DEX SaucerSwap suspects the attack vector came from. However, the recent message from Hedera has not yet confirmed this.

Previously, Hedera was able to shut down network access by disabling IP proxies on March 9. The team has indicated that they have identified the “root cause” of the exploit and are currently developing a fix.

The team added that “Once the fix is ready, Hedera Council members will sign transactions to approve the deployment of updated code on the mainnet to remove this vulnerability, then re-enable the mainnet proxies, allowing normal activity to be resumed.”

Finally, after Hedera found the potential exploit and disabled the proxies, the team advised token holders to check their account ID and Ethereum Virtual Machine (EVM) address on hashscan.io for their own peace of mind.
