The attackers target Smart Contract Service Code
The attackers target Smart Contract Service Code
The decentralized proof-of-stake (POS) -Blockchain Hedera finally confirmed a security violation. In an update, the team revealed behind the platform that attackers have succeeded in using the Smart Contract Service code of the main network of the protocol to transfer Hedera token service token that are held by the victim's accounts.
The team identified the cause of the problem and work on a solution.
Hedera-Exploit
hedera also noticed that the attackers aimed at those accounts that were used as liquidity pools on several decentralized stock exchanges - including pangolin, saucerswap and heliswap - uniswap was used by V2 to use the Hedera token service to carry out the theft.
hedera announced the shutdown of network services and first mentioned the occurrence of "network disregarding". In the last confirmation Thrusted from the platform, it is said that the MINNET-PROXYS is still off To prevent the attacker from stealing more tokens, which removes user access to the Mainnet. The team is currently working on a solution.
"As soon as the solution is finished, the members of the Hedera Council transactions will sign to approve the provision of updated code in the Mainset in order to eliminate this weak point. At this point, the Mainnet proxies will be switched on so that normal activity can be resumed."
irregularities in the network
Several decentralized applications that were carried out in the network had previously reported suspicious activities. Hedera-based cross-chain solution, hashport bridge, The first company was Founded bridged assets after irregularities in intelligent contracts were found at the beginning of this week.
So far, the Hedera Token Service (HTS) and the Hedera Consensus Service (HCS) have been affected by the Exploit.Defi research company Ignas The exploit aims at the "Decompilation process in smart contracts". Several decentralized decentralized stock exchanges, on the other hand, confirmed it was not affected by the exploit Users not to deduct liquidity from the platform.
The boss of Pangolin, Justin Trollip, explained that the decentralized stock exchange was withdrawn $ 20,000, in addition to the $ 2,000 from Heliswap. Hours later he received information that indicated that another 100,000 were stolen. The attackers could not remove their funds from Hedera because they no longer had access to paused hashport tokens. Your exit plan for Ethereum was also compromised thanks to the joint efforts of the teams.
The attackers then tried to move their funds to CHANGENOW.IO and GODEX.IO. According to Trollip, a team member reported to the centralized crypto exchanges to stop the activity and the authorities were alerted.
After the incident, the blocked total value (TVL) sinks rapidly. According to Defillama, Hederas TVL fell to $ 24.59 million, which corresponds to a decline of more than 16 % in the last 24 hours.
The native token from Hedera, Hbar, also suffered over 7 % losses and has currently been traded at $ 0.057.
.