Hedera, the team behind distributed ledger Hedera Hashgraph, has confirmed a smart contract exploit on the Hedera Mainnet that has led to the theft of several liquidity pool tokens.
Hedera said the attacker targeted liquidity pool tokens on decentralized exchanges (DEXs) that derived their code from Uniswap v2 on Ethereum, which was ported over for use with the Hedera Token Service.
Today, attackers exploited the Smart Contract Service code of the Hedera mainnet to transfer Hedera Token Service tokens held by victims’ accounts to their own account. (1/6)
— Hedera (@hedera) March 10, 2023
The Hedera team explained that the suspicious activity was detected when the attacker attempted to move the stolen tokens, which consisted of liquidity pool tokens on SaucerSwap, Pangolin and HeliSwap, across the Hashport bridge. However, operators acted promptly to temporarily pause the bridge.
Hedera didn’t confirm the amount of tokens that were stolen.
On Feb. 3, Hedera upgraded the network to convert Ethereum Virtual Machine (EVM)-compatible smart contract code onto the Hedera Token Service (HTS).
Part of this process involves the decompiling of Ethereum contract bytecode to the HTS, which is where Hedera-based DEX SaucerSwap believes the attack vector came from. However, Hedera didn’t confirm this in its most recent post.
Earlier, Hedera managed to shut down network access by turning off IP proxies on Mar. 9. The team said it has identified the “root cause” of the exploit and is “working on a solution.”
To prevent the attacker from being able to steal more tokens, Hedera turned off mainnet proxies, which removed user access to the mainnet. The team has identified the root cause of the issue and are working on a solution. (5/6)
— Hedera (@hedera) March 10, 2023
“Once the solution is ready, Hedera Council members will sign transactions to approve the deployment of updated code on mainnet to remove this vulnerability, at which point the mainnet proxies will be turned back on, allowing normal activity to resume,” the team added.
Since Hedera turned off proxies shortly after it found the potential exploit, the team suggested token holders check the balances on their account ID and Ethereum Virtual Machine (EVM) address on hashscan.io for their own “comfort.”
All HashPack functionality will be unavailable during this downtime
Click Here to Read the Full Original Article at Cointelegraph.com News…