The Fantom Foundation Mitigates Vulnerability After $550,000 Hack
The Fantom Foundation, a nonprofit organization developing the Fantom blockchain platform, has successfully eliminated a significant vulnerability following a $550,000 hack in October.
On October 17, the Fantom Foundation experienced a hot wallet hack, resulting in the unknown attacker draining 1% of the foundation’s funds. The foundation took immediate action by ceasing the use of affected wallets and transferring them to a Fantom employee, suggesting it was a targeted attack.
Following the incident, an unnamed security researcher discovered an additional potential risk associated with the hack and promptly alerted the Fantom Foundation. According to a blog post on November 20, the vulnerability was linked to a dormant admin token for Fantom’s ERC-20 FTM contract, which could have allowed the attacker to mint a portion of Fantom (FTM) for themselves on the Ethereum network.
According to the Fantom Foundation, this vulnerability had the potential to enable the hacker to drain $170 million from the wallet. However, the organization clarified that this estimation does not consider the market’s insufficient liquidity to absorb the tokens fully.
The Fantom Foundation moved quickly to mitigate the vulnerability, and in recognition of the researcher’s contribution, they awarded the individual $1.7 million. The foundation emphasized its dedication to upholding the highest security standards for their platform and expressed gratitude for the security researchers who contribute to their efforts.
Despite the Fantom Foundation losing half a million dollars in the hack just a month ago, the value of the Fantom token has continued to rise. Over the past four weeks, the token has gained 82% in value, currently trading at $0.31 according to CoinGecko. It has also seen a 78% increase in value over the past year.
Launched in late 2019, the Fantom network is a blockchain protocol that enables users to build and deploy decentralized applications (DApps). The Fantom Foundation’s Opera is a permissionless blockchain compatible with the Ethereum Virtual Machine, allowing users to interact with the Fantom network on MetaMask, a popular self-custodial cryptocurrency wallet.
This recent $550,000 hack is not the first attack on the Fantom Foundation or its users. In July 2023, Fantom experienced a significant multichain bridge hack, resulting in the loss of $126 million worth of cryptocurrency. Fantom creator Andre Cronje later revealed that the Fantom team was misled about the actual security level of Multichain, which ceased operations in mid-July 2023.
The Fantom Foundation’s swift response to the October hack and subsequent mitigation of the vulnerability demonstrates their commitment to maintaining high-security standards for their platform. The award given to the security researcher highlights the importance of collaboration between developers and researchers in the blockchain industry. Despite the recent hack, the value of the Fantom token has continued to rise, indicating confidence in the project’s potential.