Carding 4 Carders
Professional
What happened to Fantom Foundation wallets?
The Fantom Foundation, which supports the Fantom blockchain network, has experienced a data leak due to a security vulnerability in Google Chrome. Attackers were able to use this vulnerability to steal the private keys of Fantom Foundation wallets, which allowed them to steal more than $550,000 worth of cryptocurrency. The official Twitter account of the Foundation confirmed this incident, although the investigation is still ongoing.
Discussions among users in the Fantom Foundation Telegram channel suggest that the exploited vulnerability may be related to a buffer overflow in the WebP format of Google Chrome , which has a high CVSS score of 8.8 (CVE-2023-4863). The vulnerability allows a remote attacker to write to memory outside the allowed limits.
According to the Fantom Foundation, only a small number of wallets were compromised, and the vast majority of the Fund's funds (more than 99%) remained safe. It was also revealed that the main target of the attack was an employee of the Foundation.
"The personal wallets of a Fantom employee were compromised. Some of these wallets were labeled as "Foundation Wallets", but they were no longer used by the organization and were transferred to a Fantom employee, making this attack targeted. Funds lost by an employee are currently being tracked and investigated." - Fantom Foundation.
Cryptocurrency and blockchain security firm CertiK also confirmed the data leak, saying that Fantom Foundation wallets were emptied on the Ethereum and Fantom platforms.
The Fantom Foundation announced that it is working with security experts to investigate the attack and recommended that users update their Google Chrome browsers to the latest version.
The incident highlights the importance of training employees on cybersecurity, regularly updating software, and taking strong security measures to protect their data.
The Fantom Foundation, which supports the Fantom blockchain network, has experienced a data leak due to a security vulnerability in Google Chrome. Attackers were able to use this vulnerability to steal the private keys of Fantom Foundation wallets, which allowed them to steal more than $550,000 worth of cryptocurrency. The official Twitter account of the Foundation confirmed this incident, although the investigation is still ongoing.
Discussions among users in the Fantom Foundation Telegram channel suggest that the exploited vulnerability may be related to a buffer overflow in the WebP format of Google Chrome , which has a high CVSS score of 8.8 (CVE-2023-4863). The vulnerability allows a remote attacker to write to memory outside the allowed limits.
According to the Fantom Foundation, only a small number of wallets were compromised, and the vast majority of the Fund's funds (more than 99%) remained safe. It was also revealed that the main target of the attack was an employee of the Foundation.
"The personal wallets of a Fantom employee were compromised. Some of these wallets were labeled as "Foundation Wallets", but they were no longer used by the organization and were transferred to a Fantom employee, making this attack targeted. Funds lost by an employee are currently being tracked and investigated." - Fantom Foundation.
Cryptocurrency and blockchain security firm CertiK also confirmed the data leak, saying that Fantom Foundation wallets were emptied on the Ethereum and Fantom platforms.
The Fantom Foundation announced that it is working with security experts to investigate the attack and recommended that users update their Google Chrome browsers to the latest version.
The incident highlights the importance of training employees on cybersecurity, regularly updating software, and taking strong security measures to protect their data.