Fantom Foundation, the entity behind the Fantom blockchain, has revealed that their wallets have been drained of over $550,000 worth of cryptocurrency.
The Fantom Foundation team stated that it was still investigating the attack and would share another update with the community soon.
Fantom Foundation Hacked
The foundation confirmed the hack in a post on X (formerly Twitter). The post revealed that most stolen funds belonged to other users, and 99% of the foundation’s funds were completely safe. The team also added that it was currently investigating the attack.
“We are aware of the reports indicating a small number of Fantom wallets were compromised earlier in the day. At this juncture, we can confirm the wallets in question were affected, including approximately $550K in Fantom Foundation funds. The significant majority of Fantom Foundation funds (more than 99%) were unaffected and remain secure.”
Details Of The Hack
Blockchain security researchers initially reported that the attacker stole around $7 million worth of crypto. However, in an official statement, the Fantom Foundation stated that some of the wallets labeled “Fantom: Foundation Wallet” were mislabeled by block exporters, adding that not all of the stolen funds were from the foundation. According to the team at Fantom, some of the wallets impacted initially belonged to the Fantom Foundation but were reassigned to a Fantom employee and no longer held company funds.
On the 17th of October, an on-chain investigator, Spreek, posted on X that the foundation was allegedly under attack. This was based on a report from Telegram. They also listed the impacted wallet and pegged the loss at around $6.7 million. However, they added that the drained funds could also include other sources that were outside the Fantom Foundation.
“The same attacker did this account. Notably, they unwound a lot of fairly complex DeFi stuff on it, so probably someone quite familiar with the DeFi ecosystem. Total attacker profit (may not all necessarily be from Fantom or related wallets) seems to be ~$6.7m.”
The team is currently investigating the hack to determine how the hot wallets in question were compromised.
Blockchain security firm CertiK also confirmed the Fantom Foundation hack and put the estimated losses at around $657,000. However, this figure was later updated to approximately $7 million.
“Fantom Foundation wallets have been drained on Ethereum and Fantom. So far, we can confirm: that Fantom Foundation Wallet 20 lost ~$470k on FTM. Fantom Foundation Wallet 18 lost at least ~$187k on ETH. Stolen funds have been consolidated into EOA 0x0b1, which holds 4,501.48 ETH (~$7m).”
Looking deeper into the blockchain data, it shows an account called “Fantom Foundation Wallet 1” sent over 2000 CVX, 1000 DAI, 4500 USD Coin, and several other tokens to a wallet called Fake_Phishing188024. Additionally, An account called Fantom Foundation Wallet 20 by the Fantom network block explorer sent over 1 million FTM tokens to another account called Fake_Phishing32.
When the development team sends team funds to unknown scam accounts, it is a good indication that the team’s private keys have been stolen.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.