• Hedera blockchain platform has suffered a security breach in which attackers exploited the Smart Contract Service code.
• The exact amount of tokens stolen is yet unknown, and attackers targeted accounts used as liquidity pools on Uniswap v2-derived contract code ported over to use the Hedera Token Service.
• The network services have been shut down by Hedera to prevent further theft until a solution is ready.

Security Breach on Hedera Blockchain

Hedera, a decentralized proof-of-stake (PoS) blockchain, confirmed that attackers managed to exploit their Smart Contract Service code of the protocol’s mainnet, resulting in a security breach. This allowed them to transfer tokens held by victims‘ accounts to their own.

Targets of Attack

The attackers specifically targeted those accounts that were being used as liquidity pools on multiple decentralized exchanges – including Pangolin, SaucerSwap, and HeliSwap – that utilized Uniswap v2-derived contract code ported over to use the Hedera Token Service for token transfers.

Network Services Shut Down

To prevent the attacker from stealing any more tokens and thereby remove user access to the mainnet, Hedera announced shutting down network services while they work on identifying and solving the root cause of this issue. The team is currently working on deploying updated code on mainnet which will remove this vulnerability and allow normal activity to resume once it is approved by members of the Hedera Council.

Unknown Amount Stolen

It is still not known how many tokens were stolen during this attack. The team behind Hedera are investigating this matter and will provide an update when they have more information about it.

Solution in Progress

Hedera has noted that its proxies are still turned off at present in order for them to come up with a viable solution for removing this vulnerability from its platform. Once ready, transactions will be signed by members of the Council in order to deploy updated code on mainnet and resume normal activity across its network once again.

Von admin