Fantom-based Fantasm Finance was exploited for over $2.6 million worth of crypto with the stolen tokens being swapped for Ether using Tornado Cash so let’s read more in today’s latest crypto news.
Some of the funds were recovered from the protocol during the early hours of Thursday but either way, Fantom-based Fantasm Finance got exploited. The platform’s native token crashed after the exploit as the platform noted:
“Our FTM collateral reserve has been exploited, there is still 1,820,012 FTM pool balance remaining currently for redemption.”
URGENT ANNOUNCEMENT : Redeem your XFTM
Our FTM collateral reserve has been exploited, there is still 1,820,012 FTM pool balance remaining currently for redemption.
Exploiter address:https://t.co/lVxIF3HMYI
We are looking into this right now, more details to follow immediately
— Fantasm Finance (@fantasm_finance) March 9, 2022
Hackers were able to mint XFTM which is a representation of Fantom’s FTM on Fantasm by using a small amount of the FSM tokens. The hackers started with 50 FTM and then used larger amounts to swap over 2.8 million XFTM in total. The lead engineer at Alpha Finance Nipun Pitimanaaree explained after examining the blockchain records. The stolen funds were swapped for over 1007 ether with the help of the Tornado Cash privacy protocol which allows for anonymous token swaps.
The fantasm developers said that some of the FTM collateral was “white hacked” which is a process that refers to exploiting a protocol to flag security concerns or eventually recover tokens at risk of being hacked. Fantasm Finance launched earlier this month and it Is a decentralized finance project which is aimed to develop synthetic tokens for the Fantaom ecosystem. The DEFI refers to the use of smart contracts rather than third parties for providing financial services for users while the synthetic tokens are blockchain-based representations of financial assets.
1/ 🚨 @fantasm_finance was exploited, resulting in > $2.6M loss (> 1000 $ETH swapped & bridged to @TornadoCash)
Root cause: unchecked `_ftmIn` amount, leading to attacker able to mint $XFTM by only supplying $FSM (instead of both)
💥🐛 Here’s the exploit & bug analysis 👇 pic.twitter.com/dQIu2YABKz
— Nipun | Alpha (@nipun_pit) March 10, 2022
Fantasm developers said in their compensation plan for affected users that was working out. In the meantime, Pitimanaaree cautioned that additional vulnerabilities related to Fantasm’s flash loan could still exist.
As recently reported, Fantom’s losses calmed down after the tokens and Defi value locked dropped over the past day from the announcement that Andre Cronje will be leaving the crypto industry. Fantom’s losses calmed down with FTM even recovering some of its losses following the crash after DeFi architect Andre Cronje and his business partner said they will no longer be involved in the crypto market. Cronje was one of the many developers that built products based on Ethereum, FAntom which garnered a huge following. He was the key architect behind the projects like Yearn Finance and Keep3r Network as well as an adviser to Fantom Foundation.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]
Discussion about this post