The Fantom Foundation, renowned for its work on the Fantom blockchain platform, successfully neutralized a significant security vulnerability. This proactive measure followed a concerning incident in October, where the foundation fell victim to a hot wallet hack, resulting in a $550,000 loss.
A Major Fantom Disaster Averted
On October 17th, an unidentified cybercriminal exploited the Fantom Foundation’s hot wallet, siphoning off 1% of its funds. In response to this breach, the foundation ceased operations with some of the compromised wallets and reassigned them internally, indicating a targeted nature of the attack.
However, in a remarkable turn of events, an anonymous security researcher identified an additional, potentially catastrophic risk linked to the hack. According to the foundation’s November 20th blog post, the researcher uncovered a dormant admin token within Fantom’s ERC-20 FTM contract. This vulnerability, if exploited, could have granted the hacker the capacity to mint a substantial quantity of Fantom tokens on Ethereum.
The stakes were high, as the foundation disclosed that this security flaw could have enabled the hacker to drain an estimated $170 million. That number is based on the token’s value during the initial hack. The foundation also noted that this figure did not account for the market’s limited liquidity. Markets cannot absorb such a large volume of tokens in quick succession.
Big Bounty for A Security Researcher
Acting swiftly, the Fantom Foundation confirmed that the vulnerability was effectively mitigated. As a token of gratitude for this critical intervention, the foundation awarded the security researcher a staggering $1.7 million. Without help, the potential damage would have been astronomical and affected all ecosystem participants.
This incident underscores the foundation’s commitment to maintaining the highest security standards for its platform. The foundation acknowledged security researchers’ invaluable role in bolstering their systems’ security and integrity. It also reaffirmed their dedication to safeguarding their platform against future threats.
Please note that the information provided on this page is not intended to be and should not be interpreted as legal, tax, investment, financial, or any other form of advice. It is important to only invest what you can afford to lose and to seek independent financial advice if you have any doubts. For further information, we suggest referring to the terms and conditions as well as the help and support pages provided by the issuer or advertiser. CryptoMode is committed to accurate, unbiased reporting, but market conditions are subject to change without notice.