Holograph protocol sabotaged by disgruntled contractor
An internal investigation revealed that a former disgruntled contractor was responsible for hacking the blockchain tokenization platform Holograph.
On June 13, a hacker exploited the Holograph protocol to mint 1 billion native Holograph (HLG) tokens worth $14.4 million. As a result, the value of HGL tokens dropped by nearly 80% within nine hours of the exploit — from $0.014 to a low of $0.0029.
Source: HolographAccording to CoinGecko data, HGL attempted an unsustained recovery to $0.0049 before stabilizing at $0.002887 at the time of writing.
Holograph (HGL) token monthly price chart. Source: CoinGeckoHolograph began an internal investigation with blockchain investigation firm Halborn and released a post-mortem of the incident on July 2, highlighting the involvement of “a disgruntled former contractor.” According to Holograph, the former contractor minted $14 million of HLG tokens using a proxy wallet.
The hacker then sold the newly minted HLG tokens to crypto investors in the open market, consequently crashing its price.
The former contractor-turned-hacker meticulously planned the heist months in advance, knowing they had admin access to Holograph Protocol v1 contracts, which was later used as a backdoor.
Breakdown of the hacker’s activity on Holograph protocol. Source: HalbornHolograph intends to involve law enforcement in the investigation. After identifying the cause, Holograph resumed bridging on the v2 protocol and advised all crypto exchanges to allow HLG deposits and withdrawals.
The protocol will implement a burn plan to reduce the maximum supply of the HLG tokens to 10 billion. In response to a community member’s concerns about the inflated circulating supply, Holograph replied:
“Yes, only circulating supply is being burned to return circulating back to original schedule.”
The protocol has not yet shared plans for the lost funds' recovery and law enforcement proceedings in an upcoming update.
Related: Crypto hacks down by 54.2% in June, $176M lost in a month
Holograph implemented a comprehensive resolution, including operational risk controls, to prevent insider attacks.
On June 3, Bittensor protocol Bittensor was also forced to halt its network activity following a series of wallet drains that saw at least $8 million worth of digital assets stole n.
The network outage aiming to contain the exploit was announced by Bittensor co-founder Ala Shaabana:
“By way of an update, we have contained the attack and put the chain into safe mode (blocks producing but no transactions are permitted). We’re still mid-investigation and are considering all possibilities.”
The unknown address “5FbW” was exploited to obtain 32,000 Bittensor (TAO) tokens worth approximately $8 million at the time of writing.
Magazine: Crypto-Sec: Phishing scammer goes after Hedera users, address poisoner gets $70K
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
ETH breaks through $3,400
IBIT had a net inflow of US$608.2 million yesterday
US spot Ethereum ETF had a net outflow of $9 million yesterday