- Fantom Foundation confirmed reports that funds were drained from one of its wallets.
- The Foundation lost $550,000 in the incident.
- An employee of the Foundation was also hacked in what the team called a “targeted personal attack.”
Fantom Foundation, which develops the Fantom blockchain, has confirmed the loss of $550,000 in its native FTM cryptocurrency to hackers who stole the funds from one of its wallets on Tuesday.
“While there were initial reports of a zero day hack via Google Chrome, the mechanism for the attack is being actively investigated,” the Foundation said while guaranteeing the safety of its treasury.
Zero-day vulnerabilities refer to flaws in software code that are identified by cybercriminals before the software’s vendors become aware of them. This lack of awareness implies that there are no available patches for these bugs when hackers exploit them.
Google has fixed five actively exploited zero-day vulnerabilities in Chrome as of late September 2023 alone. Google security researchers said they have discovered another such vulnerability that may even affect other programmes, including Skype, VLC, and Firefox.
While Fantom did not confirm the hack happened due to a zero-day exploit, other crypto attacks have been caused by this attack vector.
Hackers stole $1.5 million in crypto from Bitcoin ATMs operated by General Bytes in August 2022.
Developers of software compression tool WinRAR, in August this year, finally patched a zero-day bug that had been used by hackers to compromise crypto and stock trading accounts of unsuspecting victims.
Cybersecurity firm Halborn also warned in March that 280 blockchains are at risk of zero-day attacks,with $28 billion in crypto assets potentially at risk.
A ‘targeted attack’
Fantom also revealed that an employee of the Foundation was a victim of a hack but did not clarify if it was related to the attack suffered by the Foundation, nor did it disclose the amount of the loss suffered by the staff member. Earlier reports indicated the losses totalled about $7 million from multiple Fantom-linked addresses.
The Foundation clarified that it was no longer using these wallets and had reassigned them to the employee in question. As such, Fantom said it believes today’s incident which affected the employee was a “targeted personal attack.”
The incident is also the latest negative development for Fantom following its DeFi death spiral and the collapse of Multichain, one of its main bridge protocols.