Hedera confirms hackers stole tokens from DEXs, exploiting a bug in 'smart contract service'

Crypto Ecosystems • March 10, 2023, 5:04AM EST
Published 35 minutes earlier on
the block

Quick Take

  • The core team at Hedera reported that the attackers targeted liquidity pools on multiple decentralized exchanges (DEXs) to steal assets.
  • The attackers took advantage of a vulnerability in the “Hedera smart contract service” to funnel crypto tokens from DEXs into their control, the team noted.

The core team at Hedera confirmed there was a recent exploit on the network in which hackers stole funds via users' accounts on decentralized exchanges, it said.

The attackers took advantage of a vulnerability in the "Hedera smart contract service" to transfer the Hedera Token Service (HTS) tokens held in users' accounts to their own accounts. The Hedera smart contract service is a separate computing layer integrated with the network to help run Ethereum-compatible apps.

"Today, attackers exploited the smart contract service code of the Hedera mainnet to transfer Hedera Token Service tokens held by victims’ accounts to their own accounts," the team tweeted from its official account.

The core team at Hedera reported that the attackers targeted liquidity pools on multiple decentralized exchanges (DEXs) that had ported Hedera tokens over to the network's smart contract service via a bridge. The affected multiple DEXs including Pangolin, SaucerSwap and HeliSwap.

Today's confirmation of the exploit comes a day after the HBAR Foundation, the organization behind the blockchain, publicly notified “network irregularities” affecting various Hedera-based decentralized applications (dApps) and their users.

THE SCOOP

Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

Turning off access to the mainnet

Several projects in the Hedera ecosystem have worked together to investigate the issue. To prevent any further theft of tokens, the Hedera team temporarily turned off the "mainnet proxies," which removed users' access to the mainnet.

“To prevent the attacker from being able to steal more tokens, Hedera turned off mainnet proxies, which removed user access to the mainnet. The team has identified the root cause of the issue and are working on a solution,” the Hedera team added.

Several teams are still developing a solution to patch the vulnerability. Once the solution is ready, the Hedera Council members will sign transactions to approve the deployment of updated code on the mainnet to remove the vulnerability. The mainnet proxies will be turned back on, and normal activity will resume, the team added.


© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

About Author

Vishal Chawla is The Block’s crypto ecosystems editor and has spent over six years covering tech protocols, cybersecurity, artificial intelligence and cloud computing. Vishal likes to delve deep into blockchain intricacies to ensure readers are well-informed about the continuously evolving crypto landscape. He is also a staunch advocate for rigorous security practices in the space. Before joining The Block, Vishal held positions at IDG ComputerWorld, CIO, and Crypto Briefing. He can be reached on Twitter at @vishal4c and via email at [email protected]

Editor

To contact the editor of this story:
Tim Copeland at
[email protected]

More by Vishal Chawla