In a recent cyber incident, the Fantom Foundation, a prominent player in the blockchain space, fell victim to a phishing scam that drained off $7 million from its crypto wallets. The breach was confirmed by blockchain security firm CertiK, which revealed startling details about the attack.
Fantom, renowned for its smart contract and Dapp platform, distinguishes itself by focusing on enhanced transaction speed, outperforming other layer-one blockchains like Ethereum. It’s essential to note that this hack specifically targeted the Fantom Foundation and did not impact the Fantom blockchain itself.
The extent of the damage became evident as the foundation reported losses exceeding $657,000, with $470,000 from Fantom and another $187,000 from Ethereum. CertiK’s investigation further disclosed that the stolen funds, totaling around $7 million, had been consolidated into a single wallet containing approximately 4,500 ETH.
Intricate Details of the Attack
On-chain analysis showcased a variety of tokens pilfered from Fantom, including ETH, Tether (USDT), USD Coin (USDC), Dai stablecoin (DAI), Convex token (CVX), Fantom USD (FUSD), and more. Pseudonymous on-chain sleuth Spreek, cited by CertiK, speculated that Fantom’s wallets might have lost as much as $6.7 million, shedding light on the complexity of the hacker’s operations within the decentralized finance (DeFi) ecosystem.
Following the breach, the value of Fantom’s native token (FTM) plummeted by 4.52% on Tuesday, reaching a seven-day low of $0.1771, down from $0.1855. Meanwhile, CertiK and the Fantom Foundation have yet to provide detailed comments about the incident, leaving the crypto community eagerly awaiting further updates on the ongoing investigation.
Possible Culprits of Fantom Foundation Attack
The identity of the perpetrator remains shrouded in mystery, although suspicions have been raised regarding the involvement of the notorious North Korean Lazarus Group. This cybercriminal organization has been linked to several multi-million dollar crypto hacks, employing social engineering attacks to infiltrate centralized entities, as evidenced by their alleged involvement in the $54 million CoinEX trading platform hack and the $100 million Atomic wallet hack.
Additionally, the Lazarus Group is a potential suspect in the $477 million FTX hack from November. However, blockchain investigators at Elliptic lean towards Russian entities as the more likely culprits, adding an intriguing layer to the ongoing investigation.