Holograph protocol sabotaged by disgruntled contractor
An internal investigation revealed that a former disgruntled contractor was responsible for hacking the blockchain tokenization platform Holograph.
On June 13, a hacker exploited the Holograph protocol to mint 1 billion native Holograph (HLG) tokens worth $14.4 million. As a result, the value of HGL tokens dropped by nearly 80% within nine hours of the exploit — from $0.014 to a low of $0.0029.
According to CoinGecko data, HGL attempted an unsustained recovery to $0.0049 before stabilizing at $0.002887 at the time of writing.
Holograph began an internal investigation with blockchain investigation firm Halborn and released a post-mortem of the incident on July 2, highlighting the involvement of “a disgruntled former contractor.” According to Holograph, the former contractor minted $14 million of HLG tokens using a proxy wallet.
The hacker then sold the newly minted HLG tokens to crypto investors in the open market, consequently crashing its price.
The former contractor-turned-hacker meticulously planned the heist months in advance, knowing they had admin access to Holograph Protocol v1 contracts, which was later used as a backdoor.
Holograph intends to involve law enforcement in the investigation. After identifying the cause, Holograph resumed bridging on the v2 protocol and advised all crypto exchanges to allow HLG deposits and withdrawals.
The protocol will implement a burn plan to reduce the maximum supply of the HLG tokens to 10 billion. In response to a community member’s concerns about the inflated circulating supply, Holograph replied:
“Yes, only circulating supply is being burned to return circulating back to original schedule.”
The protocol has not yet shared plans for the lost funds' recovery and law enforcement proceedings in an upcoming update.
Related: Crypto hacks down by 54.2% in June, $176M lost in a month
Holograph implemented a comprehensive resolution, including operational risk controls, to prevent insider attacks.
On June 3, Bittensor protocol Bittensor was also forced to halt its network activity following a series of wallet drains that saw at least $8 million worth of digital assets stole n.
The network outage aiming to contain the exploit was announced by Bittensor co-founder Ala Shaabana:
“By way of an update, we have contained the attack and put the chain into safe mode (blocks producing but no transactions are permitted). We’re still mid-investigation and are considering all possibilities.”
The unknown address “5FbW” was exploited to obtain 32,000 Bittensor (TAO) tokens worth approximately $8 million at the time of writing.
Magazine: Crypto-Sec: Phishing scammer goes after Hedera users, address poisoner gets $70K
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Bitcoin ETFs score highest net inflows in 30 days amid volatility from Mt. Gox unlocks
After two consecutive trading days of net outflows, US-based spot bitcoin ETFs on July 5 saw the largest net inflows since June 6, thirty days ago, largely led by gains to Fidelity’s FBTC fund, Coinglass data shows.“The outlook for Bitcoin has never been stronger,” Bitwise’s CEO posted on X.
