Main navigation

Scam Alert: Here's What We Know About Hedera Exploit

Fri, 03/10/2023 - 15:20
article image
Godfrey Benjamin
More than $550,000 confirmed stolen from Hedera thus far
Scam Alert: Here's What We Know About Hedera Exploit
Cover image via

Disclaimer: The opinion expressed here is not investment advice – it is provided for informational purposes only. It does not necessarily reflect the opinion of U.Today. Every investment and all trading involves risk, so you should always perform your own research prior to making decisions. We do not recommend investing money you cannot afford to lose.

Read U.TODAY on
Google News

Though the exploit in the Decentralized Finance (DeFi) ecosystem in this first quarter is not so pronounced, we have been seeing protocol exploitations on a consistent basis. One of the latest is the hack of the Hedera protocol, as announced by the proof-of-stake (PoS) network earlier today.

According to Hedera, the attacker targeted the Smart Contract Service code by exploiting accounts used as liquidity pools on multiple DEXes that use Uniswap v2-derived contract code ported over to Hedera Token Service. Per Hedera, the impacted protocols include Pangolin Hedera, SaucerSwap Labs and HeliSwap, respectively.

In a recent tweet shared by data intelligence firm CertiK, a total of approximately $570,000 has been confirmed stolen from the Hedera protocol thus far. 

While the sum appears small, it lends credence to the swift move from the protocol's partners, who reportedly acted swiftly to block funds movement from hackers. The Hedera team said it has taken more proactive steps to prevent additional fund drain.

“To prevent the attacker from being able to steal more tokens, Hedera turned off mainnet proxies, which removed user access to the mainnet. The team has identified the root cause of the issue and are working on a solution” the update reads.

'In-the-Wild' Hack on BSC Is Ongoing Right Now: What's Happening?

Is there an end to these exploits?

Unlike financial services firms in the traditional banking sector, those operating in Web3.0 are notably prone to these exploits from cyber criminals. 

While it is often been touted as a highly secure technology, hackers have devised clever means to deceive users in order to gain access to their private keys and other important data that can harm them. For protocols, the loophole in the security design has also been used as a backdoor to gain access to a platform's controls to drain funds.

User awareness of bridges and wallets remains one of the most important campaign agendas of start-ups in the space.

article image
About the author

Godfrey Benjamin is an experienced crypto journalist whose main goal is to educate everyone around him about the prospects of Web 3.0. His love for crypto was birthed when, as a former banker, he discovered the obvious advantages of decentralized money over traditional payments. With his vast experience covering various aspects of Web3, Godfrey's articles has been featured on, Cryptonews and Coingape, among others.