Fantasm Finance, a synthetic assets network, has lost 1,007 ETH – worth around $2.6 million in an attack on March 9. The platform has apologized to its community and is looking into the incident. Fantasm Finance is also looking at the option of compensating the members who lost their assets.
According to PeckShield, the attacker used Tornando Cash to hide the transactions. Attackers and hackers often use Tornando Cash to break the link between source and destination addresses. In other words, it obscures transaction history.
Fantasm Finance took to Twitter to reveal the hacking incident. It said their FTM collateral reserve has been exploited. But the platform still has 1,820,012 FTM pool balance remaining for redemption. It should be noted that “FTM” is Fantom’s native token. The hackers used a small amount of Fantasm’s FSM tokens to mint XFTM ( a representation of Fantom’s FTM on Fantasm).
Nipun Pitimanaaree, a lead engineer at Alpha Finance who examined the blockchain records, highlighted that the hackers started with 50 FTM. And gradually used larger amounts to swap over 2.8 million XFTM. The expert cautioned that additional vulnerabilities related to Fantasm’s flash-loan product may still exist.
Fantasm developers outlined that some of the FTM collateral was white hacked. It refers to exploiting a protocol to flag security concerns or recover tokens at the risk of getting hacked.
The attack comes at a time when the Fantom Network had just started to take off. It launched a DeFi project for developing synthetic tokens for the Fantom ecosystem only a week ago. Experts believe this made the network a prime target for attackers who keep watch on vulnerabilities.
