Fantom Foundation hot wallet hacked for $550K

The Fantom Foundation, the developer of the Fantom network, has been hacked for over $550,000 worth of cryptocurrency. The foundation confirmed the attack on X (formerly Twitter), claiming that the loss represented less than 1% of its funds. The team also claimed that other users of Fantom wallets were compromised.

Blockchain security researchers initially reported that the attacker stole approximately $7 million in crypto. The Fantom Foundation later released an official statement saying that some of the wallets labeled “Fantom: Foundation wallet” were mislabeled by block explorers and that not all of the stolen funds were from the foundation. According to the team, some of the wallets impacted originally belonged to the foundation, but had since been reassigned to a Fantom employee and were no longer holding company funds. The team is currently investigating the attack in an attempt to determine how the wallets were compromised.

The Fantom Foundation is the developer behind Fantom network, an Ethereum Virtual Machine (EVM)-compatible smart contract platform. The network has over $45 million in assets locked within its contracts, according to DeFiLlama. The attack was against the foundation and other Fantom wallet users, not against the Fantom network.

Blockchain data shows that an address labeled “Fake_Phishing188024” was sent over 2,000 CVX and other cryptocurrencies from an address labeled by Etherscan as belonging to the Fantom Foundation. On-chain sleuth Spreek reported the attack on X and estimated losses at $6.7 million. Security platform CertiK also estimated losses at approximately $7 million.

On October 17, Spreek reported that the foundation was “allegedly” attacked, based on a report from Telegram. They later listed the hacked wallets and estimated losses at $6.7 million, but also stated that the drained funds may have included other sources outside the Fantom Foundation. 

Related: Fantom DEX rescued at eleventh hour following planned shutdown

Blockchain security platform CertiK confirmed that the foundation had been hacked. Certik initially estimated losses at  $657,000 but later updated this figure to approximately $7 million taken by the attacker. Delving into the blockchain data shows that the account labeled “Fantom Foundation Wallet 1” by Etherscan sent over 2,000 Convex (CVX) tokens, 1,000 Dai (DAI), 4,500 USDC (USDC) and other tokens to a wallet labeled “Fake_Phishing188024.” In addition, the account labled “Fantom Foundation Wallet 20” by the Fantom network block explorer sent over 1 million Fantom (FTM) tokens to an account labeled “Fake_Phishing32.” When a development team sends funds to a known scam account, this generally indicates that the team’s private key has been stolen. 

The Fantom Foundation confirmed the attack on X, claiming that most of the funds stolen belonged to other users and that 99% of the foundation’s funds remain safe. The team is currently investing the attack, they stated.

Update October 17, 6:40 UTC: This article has been updated to include an official statement from the Fantom Foundation on X.

Update October 17, 5:55 pm UTC : This article has been updated to show that CertiK increased its estimate of total losses and to provide statements from a Fantom Telegram group admin.

This is a developing story, and further information will be added as it becomes available.

Collect this article as an NFT to preserve this moment in history and show your support for independent journalism in the crypto space.