On October 7th, 2020, the Fantom Foundation, a Ho Chi Minh City-based blockchain infrastructure firm, faced a major security breach, resulting in a significant portion of its funds being lost. More than $6.7 million worth of assets were exposed in the attack, including in the form of Fantom Foundation’s native token, the FTM. The targeted funds were stored in the company’s hot wallet, meaning that the funds were accessible online as opposed to being kept in a cold storage wallet which is not connected to the internet, and thus more secure.
The breach was reported to be the result of a hack into the system by a youthful hacker group known as The Dark Overlord. The breach was discovered and initially disclosed by cybersecurity firm Group-IB after The Dark Overlord posted a tweet indirectly claiming that they had accessed the foundation’s hot wallet.
It is believed the funds were stolen through an exploit of the Tokamak Network, a layer-two scaling solution built on Fantom’s Opera blockchain network, and can be attributed to a misconfigured smart contract. Following the exploit, the asset have been transferred to multiple wallets, which have been linked to the Dark Overlord. Fantom Foundation has since released a statement noting that it continues to monitor the situation closely and is in contact with members of the law enforcement, as it works to recover the lost funds.