The Fantom Foundation has awarded $1.7 million to a security researcher as a bounty for their quick action in preventing a potential $170 million hack. The incident in question took place on October 17 when an attacker drained over $550,000 from a reassigned Fantom wallet, leading to an employee losing over $7 million.
Fantom’s acknowledgement of the researcher’s efforts came to light in a blog post on Monday, November 20.
The security breach and subsequent heist came in the wake of a $126 million exploit in July, which was related to the Multichain bridge hack, prompting Fantom to adopt a robust approach to network security.
The $1.7 Million Bounty and its Significance
The $1.7 million awarded to the security researcher is directly connected to the October 17 incident. The researcher’s prompt alert revealed an additional potential risk associated with the compromise, preventing a possible $170 million loss for Fantom.
The vulnerability identified by the unnamed researcher pertained to the Fantom ERC-20 FTM contract, which was left exposed by a previous attack on the wallet, making it vulnerable to hackers minting FTM tokens on Ethereum. The compromised wallet contained a “dormant admin token.” Fantom highlighted that despite initially claiming its wallets were unaffected, the researcher’s discovery exposed potential vulnerabilities that could have led to further damage.
What was the original amount of the hack that occurred on October 17?
The original hack targeted a reassigned Fantom wallet, resulting in the loss of over $550,000. Additionally, an employee lost over $7 million in the incident.
What was the potential loss averted by the security researcher’s alert?
The security researcher’s prompt alert helped avert a possible loss of $170 million for Fantom.
When did the previous $126 million exploit take place?
The previous exploit, which amounted to $126 million, occurred in July and was related to the Multichain bridge hack.