Crypto Hacker Steals Tokens From Hedera in Smart Contract Attack

  • Post author:
  • Post category:Allgemein

• A hacker exploited a smart contract vulnerability on the Hedera Mainnet, stealing tokens from DEXs liquidity pools.
• Hedera disabled IP proxies to cut off network access and found the exploit’s root cause.
• The token value of Hedera (HBAR) dropped by 9% in the past 24 hours.

Hacker Steals Tokens From Hedera

A hacker has managed to exploit a smart contract vulnerability on the Hedera Mainnet and steal tokens from DEXs’ liquidity pools. The team at Hedera disabled IP proxies soon after they discovered the attack to cut off network access and have since been working on finding the root cause of this exploit.

Dropping Token Value

The value of the token, Hedera (HBAR), has decreased by 9% in the past 24 hours as a result of this attack. This drop can still be seen trading at $0.05497 according to CoinMarketCap as of this writing.

Root Cause Found

Hedera has since found the root cause of this exploit and is currently working on remedying it for token holders’ comfort. They have recommended that token holders verify their account ID and Ethereum Virtual Machine (EVM) address balances on hashscan.io after disabling proxies following their discovery of a potential attack.

Modified Token Service

On February 3, modifications were made to the Hedera Token Service (HTS) which enabled it to support code compatible with Ethereum’s Virtual Machine (EVM). This procedure involves decompiling Ethereum contract bytecode into its own service, which could potentially be where SaucerSwap believes this attack vector originated from though it hasn’t been confirmed by Hedera yet.

Conclusion

In conclusion, a hacker was able to successfully steal tokens from DEXs’ liquidity pools due to an exploit in their smart contract vulnerability on the Hedera Mainnet. This caused HBAR’s value to drop by 9% over a period of 24 hours and subsequently led to an investigation into its root cause by Hedera developers who also temporarily disabled proxies for security purposes until further notice.