The Fantom Foundation, a nonprofit organization developing the Fantom blockchain platform, has eliminated a significant vulnerability after a $550,000 hack in October.
On Oct. 17, the Fantom Foundation suffered a hot wallet hack, with an unknown attacker draining 1% of Fantom Foundation’s funds. The foundation subsequently stopped using some of the affected wallets, reassigning them to a Fantom employee, making it a “targeted attack.”
Following the incident, an unnamed security researcher found an additional potential risk associated with the hack and alerted the Fantom Foundation, according to a blog post on Nov. 20. The vulnerability was associated with a dormant admin token for Fantom’s ERC-20 FTM contract, which could potentially allow the attacker the ability to mint a portion of Fantom (FTM) for themselves on Ethereum.
According to the Fantom Foundation, the discovered vulnerability could have allowed the hacker to drain $170 million using the wallet access. The organization said the value of the potential loss is based on the token price at the time of the hack, “though this estimate does not consider the market’s insufficient liquidity to absorb the tokens fully.”
The Fantom Foundation said that the vulnerability was “mitigated quickly,” and the organization awarded the unnamed researcher $1.7 million in recognition of the contribution. The announcement added:
The Fantom Foundation did not immediately respond to Cointelegraph’s request for comment.
Related: Poloniex says hacker’s identity is confirmed, offers last bounty at $10M
Despite the Fantom Foundation losing half a million to a hack one month ago, the Fantom token has risen over the past four weeks. The token has added 82% of value since Oct. 17, trading
Read more on cointelegraph.com