To mitigate the impact on users, Holograph has initiated a compensation and refund program, ensuring that affected users are reimbursed for their losses.
Holograph, an omnichannel tokenization platform, has been severely impacted by a security breach that allowed a malicious actor to mint 1 billion HLG tokens. This exploit caused HLG’s market value to drop by 80% within nine hours, highlighting vulnerabilities within the platform’s smart contracts.
The Exploit
The hacker exploited the Holograph Operator contract, enabling the unauthorized minting of 1 billion HLG tokens. According to Etherscan, the exploit was executed through nine transactions, with the first one occurring on June 13 at 9:47 am UTC.
The Holograph Operator contract has been exploited by a malicious actor, enabling the hacker to mint 1 billion additional HLG
The team has patched the initial exploit & is working with exchange partners to lock the malicious accounts
The team has launched an investigation & is…
— Holograph (@holographxyz) June 13, 2024
The hacker sent seven of these transactions in batches of 100 million tokens. This rapid influx of newly minted tokens triggered a sharp decline in HLG’s value, causing the price to plummet from $0.014 to a local low of $0.0029, a 79.4% drop within just ten minutes.
Following the exploit, HLG’s market capitalization fell dramatically from nearly $22 million to $4.8 million. Although the token has slightly recovered to $0.0069, the damage to investor confidence is significant. The 1 billion HLG tokens minted by the hacker are currently valued at $7.4 million. The attacker began converting the tokens into the stablecoin Tether (USDT) approximately four hours after the initial exploit, further destabilizing the HLG market.
Holograph’s Response
In response to the breach, the Holograph team has patched the initial vulnerability in the smart contract and is collaborating with exchange partners to lock the malicious accounts. They have launched an investigation and are in the process of contacting law enforcement to pursue legal action against the perpetrator.
To mitigate the impact on users, Holograph has initiated a compensation and refund program, ensuring that affected users are reimbursed for their losses.
Recent Surge in Crypto Hacks
The Holograph incident is part of a troubling trend of increasing cyberattacks targeting DeFi platforms. UwU Lend, a blockchain lending platform, yesterday suffered a second exploit as it was in the process of reimbursing victims from a $20 million hack. The initial attack on June 10 saw hackers manipulating the prices of USDe tokens to steal other cryptocurrencies from the platform.
In May, Gala Games was also hacked, with the exploited minting $5 billion GALA worth $214 million at that time. While the Gala Games team managed to recover a small portion of the stolen funds, the majority of the funds are yet to be recovered.
These incidents add to a barrage of high-profile hacks that have occurred in the past few months. According to CertiK, the first three months of 2024 saw over $502 million worth of digital assets stolen in various hacks, underscoring the urgent need for stronger security measures in the crypto industry.
next