{"id":75327,"date":"2023-03-10T12:10:52","date_gmt":"2023-03-10T10:10:52","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=75327"},"modified":"2025-09-10T10:58:31","modified_gmt":"2025-09-10T07:58:31","slug":"hedera-hacked-for-an-undisclosed-amount","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/hedera-hacked-for-an-undisclosed-amount\/","title":{"rendered":"Hedera hacked for an undisclosed amount"},"content":{"rendered":"<p>The Hedera Hashgraph platform team reported an unauthorized withdrawal of assets from the Hedera Token Service as a result of a breach by an unnamed mainnet smart-contract service.<\/p>\n<blockquote class=\"twitter-tweet\" data-lang=\"en\">\n<p lang=\"en\" dir=\"ltr\">Today, attackers exploited the Smart Contract Service code of the Hedera mainnet to transfer Hedera Token Service tokens held by victims\u2019 accounts to their own account. (1\/6)<\/p>\n<p>\u2014 Hedera (@hedera) <a href=\"https:\/\/twitter.com\/hedera\/status\/1634055353435561986?ref_src=twsrc%5Etfw\">March 10, 2023<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p>\u201cThe attacker\u2019s targets were the accounts used as liquidity pools on several <span data-descr=\"decentralized exchange\" class=\"old_tooltip\">DEX<\/span> built on Uniswap v2 code, including Pangolin, SaucerSwap and HeliSwap,\u201d the developers clarified.<\/p>\n<\/blockquote>\n<p>The hacker&#8217;s transfer of funds was detected by operators <a href=\"https:\/\/forklog.com\/en\/news\/what-are-cross-chain-bridges\">cross-chain bridge<\/a> HashportNetwork and they promptly disabled it.<\/p>\n<blockquote class=\"twitter-tweet\" data-conversation=\"none\" data-lang=\"en\">\n<p lang=\"en\" dir=\"ltr\">When the attackers moved tokens obtained through these attacks over the <a href=\"https:\/\/twitter.com\/HashportNetwork?ref_src=twsrc%5Etfw\">@HashportNetwork<\/a> bridge, the bridge operators detected the activity and took swift action to disable it. (3\/6)<\/p>\n<p>\u2014 Hedera (@hedera) <a href=\"https:\/\/twitter.com\/hedera\/status\/1634055358099644418?ref_src=twsrc%5Etfw\">March 10, 2023<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>To prevent further damage, the Hedera team halted the mainnet proxy servers. The network will resume operations once the patched code is deployed.<\/p>\n<p>The developers did not specify how many tokens the attacker managed to steal. PeckShield analysts noted that the platform\u2019s TVL\u2014<span data-descr=\"total value locked in smart contracts\" class=\"old_tooltip\">TVL<\/span>\u2014fell 33% from $36.1 million to $24.6 million.<\/p>\n<blockquote class=\"twitter-tweet\" data-lang=\"en\">\n<p lang=\"en\" dir=\"ltr\"><a href=\"https:\/\/twitter.com\/hashtag\/PeckShieldAlert?src=hash&#038;ref_src=twsrc%5Etfw\">#PeckShieldAlert<\/a> <a href=\"https:\/\/twitter.com\/hedera?ref_src=twsrc%5Etfw\">@hedera<\/a> has reported that they suffered an exploit. The TVL on Hedera has dropped -33% from $36.1M to $24.6M <a href=\"https:\/\/t.co\/knZfKSUdkg\">https:\/\/t.co\/knZfKSUdkg<\/a> <a href=\"https:\/\/t.co\/QVmwXq8CPg\">pic.twitter.com\/QVmwXq8CPg<\/a><\/p>\n<p>\u2014 PeckShieldAlert (@PeckShieldAlert) <a href=\"https:\/\/twitter.com\/PeckShieldAlert\/status\/1634074245608390656?ref_src=twsrc%5Etfw\">March 10, 2023<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>SaucerSwap confirmed that the attack vector was the decompilation of Hedera\u2019s smart contracts. According to the exchange\u2019s statement, users\u2019 funds were not affected.<\/p>\n<blockquote class=\"twitter-tweet\" data-conversation=\"none\" data-lang=\"en\">\n<p lang=\"en\" dir=\"ltr\">UPDATE: We no longer advise users to withdraw liquidity. SaucerSwap is unaffected.<\/p>\n<p>See here: <a href=\"https:\/\/t.co\/PVZtlS3yls\">https:\/\/t.co\/PVZtlS3yls<\/a><\/p>\n<p>\u2014 SaucerSwap Labs ? (@SaucerSwapLabs) <a href=\"https:\/\/twitter.com\/SaucerSwapLabs\/status\/1633848414222835714?ref_src=twsrc%5Etfw\">March 9, 2023<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script> <\/p>\n<p>The Hedera token price (HBAR) did not react to the incident. Over the last 24 hours the asset fell 4.7%, roughly in line with market trends. Over the same period <a href=\"https:\/\/forklog.com\/en\/news\/bitcoin-price-tests-below-20000\">Bitcoin fell<\/a> by 7.7%, the overall cryptocurrency market cap declined by 7.3%.<\/p>\n<figure class=\"wp-block-image\"><img decoding=\"async\" src=\"https:\/\/lh3.googleusercontent.com\/MlU_ENadokULk1hBjeipvw2W_wQRgvvv3TuTJ45fjAB4HRUSu09_OqISlCYSZRABLBQ2mWSRaFo2dvnCNVbiyCJzElcz9YujtPP1EP_MnPdzWbufQcEt6auGDwJgd4vC7tiUug-6OEDjdIpeuqJQ5f8\" alt=\"Hedera hacked for an undisclosed amount\"\/><figcaption>Data: <a href=\"https:\/\/www.coingecko.com\/\">CoinGecko<\/a>.<\/figcaption><\/figure>\n<p>In September 2022, the Korean electronics company LG Electronics <a href=\"https:\/\/forklog.com\/en\/news\/lg-electronics-launches-hedera-based-nft-platform\">launched<\/a> an NFT platform built on Hedera.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Hedera Hashgraph platform team reported an unauthorized withdrawal of assets from the Hedera Token Service following a breach by an unnamed mainnet smart-contract service.<\/p>\n","protected":false},"author":1,"featured_media":75328,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1154,1365],"class_list":["post-75327","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-crimes","tag-hedera-hashgraph"],"aioseo_notices":[],"amp_enabled":true,"views":"16","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/75327","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=75327"}],"version-history":[{"count":1,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/75327\/revisions"}],"predecessor-version":[{"id":75329,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/75327\/revisions\/75329"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/75328"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=75327"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=75327"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=75327"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}