Hedera Blockchain, a decentralized proof-of-stake (PoS) protocol, has officially acknowledged a security breach. The platform’s developers highlighted in an update that attackers were able to move Hedera Token Service tokens owned by victims’ accounts to their own by exploiting the Smart Contract Service code of the protocol’s mainnet. The team has discovered the fundamental source of the problem and is working on a remedy, according to the statement.
Hedera blockchain further stated that the attackers specifically targeted accounts used as liquidity pools on numerous decentralized exchanges, including Pangolin, SaucerSwap, and HeliSwap, that employ Uniswap v2-derived contract code moved over to use the Hedera Token Service to carry out the heist.
Hedera announced shutting down network services and initially cited experiencing “network irregularities” as a reason. In the latest confirmation thread posted by the platform, it said the mainnet proxies are still turned off to prevent the attacker from being able to steal more tokens, thereby removing user access to the mainnet. The team is currently working on a solution.
Network Irregularities in Hedera Blockchain
Numerous decentralized network apps had already detected questionable behavior. Hashport Bridge, a Hedera-based cross-chain solution, became the first organization to freeze bridged assets after finding smart contract inconsistencies earlier this week. The exploit has so far affected the Hedera Token Service (HTS) and the Hedera Consensus Service (HCS).
According to DeFi research firm Ignas, the hack targets the “decompiling process in smart contracts.” Nonetheless, some Hedera-based decentralized exchanges urged customers to withdraw their assets. SaucerSwap later verified that it was unaffected by the attack and advised users not to remove liquidity from the site.
Nevertheless, Pangolin CEO Justin Trollip revealed that the decentralized exchange had been depleted of $20,000, in addition to $2,000 from HeliSwap. Hours later, he received word that another $100,000 had been taken. Because they no longer had access to halted Hashport tokens, the attackers were unable to transport their cash off Hedera blockchain. Their Ethereum exit strategy was also jeopardized as a result of the teams’ collaborative efforts.
The attackers, however, began attempting to relocate their cash to ChangeNow.io and Godex.io. Trollip reports that a staff member has contacted the centralized crypto exchanges to stop the activities, and authorities have been notified.
The total value locked (TVL) is quickly decreasing as a result of the occurrence. According to data compiled by DefiLlama, TVL of Hedera Blockchain fell to $24.59 million, down by more than 16% over the past 24 hours.