The Fantom Foundation, a nonprofit organization behind the Fantom blockchain platform, successfully addressed a significant vulnerability stemming from a $550,000 hot wallet hack on October 17. This incident involved an unknown attacker draining 1% of the Fantom Foundation’s funds.
After the hot wallet hack, the foundation took measures to mitigate the impact, reassigning affected wallets to a Fantom employee. The incident was later revealed to be a “targeted attack.” Subsequently, an unnamed security researcher discovered an additional potential risk related to the hack, as reported in a blog post on Nov. 20.
Uncovering the Vulnerability
The newfound vulnerability was linked to a dormant admin token for Fantom’s ERC-20 FTM contract. This flaw could have empowered the attacker to mint a portion of Fantom for themselves on the Ethereum platform. The potential risk was significant, with the Fantom Foundation estimating that the hacker could have drained $170 million, based on token prices at the time of the hack.
Responding promptly, the Fantom Foundation stated that the vulnerability was swiftly mitigated. In recognition of the security researcher’s contribution, the organization awarded them $1.7 million. The commitment to maintaining high security standards was reiterated, with the foundation expressing gratitude for the ongoing contributions of security researchers.
Despite the recent hack, the Fantom token demonstrated resilience in the market. Over the past four weeks, it has experienced an 82% increase in value, trading at $0.31 at the time of writing. Furthermore, the token has shown a remarkable 78% growth over the past year, according to CoinGecko data.
Fantom Foundation's Previous Incidents and Ongoing Developments
This is not the first security incident involving the Fantom Foundation. In July 2023, the network faced a substantial Multichain bridge hack, resulting in a loss of $126 million. Fantom creator Andre Cronje attributed the breach to misinformation about the actual security level of Multichain, which ceased operations in mid-July 2023.
The Fantom Foundation, despite challenges, continues to play a crucial role in the blockchain space, providing a platform for decentralized applications since its launch in late 2019.