Connect with us

DeFi News

Hedera Network Confirms the Rumored Exploit, Restricts Mainnet Access

Published

on

Hedera Network Confirms the Rumored Exploit, Restricts Mainnet Access

Hedera Network, a decentralized proof-of-stake ledger, has confirmed that the network has suffered an exploit after reporting “network irregularities” on Thursday.

On Thursday, March 9th, a number of dapps using Hedera Token Service (HTS) reported that they had paused their services on the Hedera network following malicious smart contract activities.

The HBAR Foundation, the organization behind the Hedera ecosystem, later confirmed that there was indeed some unusual activity on the network that impacted various DeFi dapps. The core team at Hedera then announced that they had closed the network’s mainnet proxies, making the network effectively inaccessible, to prevent any damages. The team wrote:

“In an abundance of caution & safety for users, @Hedera is turning off network proxies on mainnet, making it inaccessible.

@Hedera core is working through the smart contract irregularities & will re-enable proxies once resolved.”

Hack Speculations Follow

The report of irregular activity fueled speculation across social media platforms that hackers had attacked the Hedera platform, rather than a technical glitch. DeFi research firm Ignas tweeted that Hedera was under attack and the exploit was targeting the decompiling process in smart contracts. Initially, Hedera neither confirmed nor denied those rumors.

The price of native HBAR coin and DeFi value locked on Hedera fell sharply. According to DeFiLlama, the TVL on the network has dropped more than 16% in the last 24 hours.

Hedera Confirms the Exploit

Hedera Network Confirms the Rumored Exploit, Restricts Mainnet Access

On Friday, March 10th, the core team at Hedera confirmed the exploit. Hedera said:

“Today, attackers exploited the Smart Contract Service code of the Hedera mainnet to transfer Hedera Token Service tokens held by victims’ accounts to their own account.”

According to the confirmation announcement, the exploit mostly affected the DeFi apps on the network that include the DEX platform Pangolin Hedera, SaucerSwap Labs, and HeliSwap. The attacker targeted the accounts used as liquidity pools “on multiple DEXs that use Uniswap v2-derived contract code ported over to use the Hedera Token Service.”

The perpetrator tried to move the funds through a cross-chain bridge Hashport. However, the bridge operator detected the activity and took swift action to disable it.”

While the mainnet is online and reaching consensus, the proxies are still closed, which means that users are still unable to access the mainnet. The team has identified the root cause and is working on a solution. Mainnet proxies will be turned on after the deployment of an updated code on the mainnet.

The extent of loss is still to be determined. A timeline compiled by Pangolin Hedera suggests that the hacker was unable to move funds out of the Hedera ecosystem as the Hashport has blocked the assets.