Fantom awards $1.7M bounty to security researcher

Fantom awards $1.7M bounty to security researcher

[ad_1]

The Fantom Foundation says the $1.7 million is bounty for a security researcher whose quick alert helped prevent a potential $170 million hack.
Fantom had lost $550k in October, with the hack targeting a reassigned wallet seeing an employee lose $7 million.

The Fantom Foundation, the non-profit organisation behind the crypto platform Fantom, rewarded a security researcher whose efforts helped foil a potential catastrophic hack.

Fantom’s award of $1.7 million was revealed in a blog post on Monday, November 20. 

Bounty relates to $550k hack

According to the Fantom Foundation, the bounty relates to the October 17 incident that saw an attacker drain over $550k from a Fantom wallet that had been reassigned to an employee. The “targeted attack” reportedly saw the employee lose over $7 million.

But while Fantom Foundation maintained its wallets were not impacted in any major way, with funds safe, a researcher found a vulnerability that exposed them to more damage.

“A security researcher identified an additional potential risk associated with the compromise and reached out promptly to alert us,” the platform noted in the blog post.

$170 million hack prevented

The alert by the unidentified researcher pointed to the potential risk posed to Fantom’s ERC-20 FTM contract. Apparently, the previous attack on the said wallet had left it vulnerable to an attack that could see the hacker(s) mint FTM tokens on Ethereum. The compromised wallet held “a dormant admin token.”

According to the Fantom Foundation, the blockchain researcher’s quick response helped avert a possible loss of $170 million. For his efforts, the researcher has been awarded $1.7 million.

That incident came roughly three months after Fantom suffered a $126 million exploit in July. 

The security breach and subsequent heist was related to the Multichain bridge hack. Efforts to prevent such losses have seen the Fantom team take a robust approach to network security



[ad_2]

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *