Hacker Steals Tokens From Hedera, Exploiting Smart Contract Vulnerability

Hacker Steals Tokens From Hedera

• On March 9, the Hedera Hashgraph distributed ledger revealed that some tokens from its liquidity pool were stolen due to a smart contract vulnerability on the Mainnet.
• The hacker attempted to transfer the stolen tokens through the Hashport bridge, which included tokens from SaucerSwap, Pangolin and HeliSwap liquidity pools.
• Hedera disabled IP proxies soon after discovering the attack and dropped 9% in the previous 24 hours.

Vulnerability Explained

The Hedera Token Service (HTS) was modified on February 3 to support smart contract code that is compatible with Ethereum’s Virtual Machine (EVM). A key step in this procedure is decompiling Ethereum contract bytecode to the HTS, and here is where DEX SaucerSwap thinks the attack vector originated. Nevertheless, in its most recent update, Hedera does not affirm this.

Proxies Disabled After Attack Discovery

On March 9, Hedera successfully disabled IP proxies, cutting off network access. The group claims to have found the exploit’s “root cause” and to be “working on a remedy.” For token holders’ comfort, the team recommended they verify their account ID and Ethereum Virtual Machine (EVM) address balances on hashscan.io after disabling proxies soon after discovering the possible attack.

HBAR Price Drop

The network’s token, HBAR has dropped 9% in the previous 24 hours as of this writing. It is currently trading at $0.05497 as per CMC.


A vulnerability in a smart contract code adapted from Ethereum’s Uniswap v2 deployed on Hedera Token Service enabled an attacker to steal tokens from various liquidity pools like SaucerSwap, Pangolin and HeliSwap of which the total amount was not verified by Hedera yet .The company disabled IP proxies soon after discovering it ,resulting in a drop of 9% price of HBAR token .