The rival to blockchains, Hedera, a hashgrapgh, suffered exploitation in its Smart Contract Service code of the Hedera mainnet. The breach allowed perpetrators to steal Hedera Token Service tokens from users’ accounts.
Despite the Hedera mainnet reaching a significant milestone of surpassing 5 billion transactions on March 9th, the incident may have marred this achievement.
Hedera is a tough competitor of the blockchain networks, which uses open-source leaderless proof-of-stake networks. Its performance is way higher than blockchain in terms of executing transactions.
As per the incident, the perpetrator launched attacks on liquidity pools across multiple decentralized exchanges (DEXs). The list includes Pangolin Hedera, SaucerSwap Labs, and HeliSwap. According to Hedera, all affected liquidity pools use Uniswap v2-derived contract code ported over to use the Hedera Token Service.
Also Read: Hedera Collaborates with Shinhan Bank on KRW Stablecoin Pilot
The attack came to light by bridge operators when the attackers started moving the token’s hashport bridge. As a countermeasure, the bridge operator disabled the bridging service.
For further investigation and to assess the damage, the Hedera community is taking assistance from Swirlds Labs, HBAR Foundation, Lime Chain, Pangolin Hedera, and others.
Also, Hedera took down the mainnet proxies to avoid any further possible exploitation, so users could not access the network.
Hedera claims that the team has identified a ‘root cause of the issue’ and is working on fixing it.
Hedera writes in a tweet, “Once the solution is ready, Hedera Council members will sign transactions to approve the deployment of updated code on mainnet to remove this vulnerability, at which point the mainnet proxies will be turned back on, allowing normal activity to resume.”
