Hedera says that cybercriminals stole tokens from DEXs by exploiting a flaw in “smart contract service”


The Hedera core team revealed that the attackers stole funds from liquidity pools on numerous decentralized exchanges (DEXs).

According to the Hedera core team, there was a recent network issue in which hackers stole funds from user accounts on decentralized exchanges.

The attackers exploited a flaw in the “Hedera smart contract service” to move Hedera Token Service (HTS) tokens from user accounts to their own. The Hedera smart contract service is a network-integrated computing layer that helps Ethereum-compatible applications execute.

“Today, attackers attacked the Hedera mainnet’s smart contract service code to move Hedera Token Service tokens owned by victims to their own accounts,” the firm tweeted from its official account.

The Hedera core team revealed that the attackers targeted liquidity pools on numerous decentralized exchanges (DEXs) that have bridged Hedera tokens to the network’s smart contract service. Several DEXs were impacted, including Pangolin, SaucerSwap, and HeliSwap.

The HBAR Foundation, the group behind the blockchain, openly announced “network anomalies” impacting numerous Hedera-based decentralized apps (dApps) and their users a day before today’s confirmation of the vulnerability.

Numerous Hedera ecosystem initiatives have collaborated to examine the problem. To avoid the theft of tokens in the future, the Hedera team temporarily disabled “mainnet proxies,” removing users’ access to the mainnet.

Hedera disabled mainnet proxies, which cut off access to the mainnet and prevented the attacker from stealing additional tokens. “The team has discovered the issue’s fundamental cause and is working on a remedy,” the Hedera team noted.

Several groups are currently creating a fix for the issue. After the remedy is complete, Hedera Council members will sign transactions authorizing the deployment of revised code on the mainnet to eliminate the vulnerability. The mainnet proxy servers will be reactivated, and regular operations will resume, the team noted.

Also Read: Congressman says CBDCs might be “easily weaponized” to spy on US people

Leave A Reply

Your email address will not be published.