Fantom’s ‘Foundation Wallets’ drained for $550K

The Fantom Foundation confirmed Tuesday that a “small number” of its wallets had been compromised, with losses amounting to roughly $550,000. 

Around 99% of the Foundation’s funds reportedly remain untouched and secure, the company said in a statement on X, formerly Twitter.

Based on those figures, the remainder of its $55 million treasury remains unaffected.

Preliminary investigations have brought to light possible vulnerabilities via a zero-day hack in Google Chrome. However, the exact cause and mechanism of the breach remain under scrutiny, Fantom said.

Blockworks has reached out for clarification but has so far received no response.

While the affected wallets bore the label “Foundation Wallets,” they had previously been transitioned away from organizational use. 

These wallets were under the management of a Fantom employee, suggesting a more targeted nature to the attack rather than a broad sweep, the company said.

“A Fantom employee’s personal wallets were compromised. Some of these impacted wallets were labeled “Foundation Wallets”, but they were no longer being utilized by the organization and had been reassigned to a Fantom employee, making this a targeted personal attack,” it said. 

Read more: Upbit updates cold wallet policy in bid to thwart hackers

While the Foundation’s attempted to demonstrate confidence in the safety of its primary funds, some eyebrows are being raised considering the targeted nature of the breach and the security of reassigning foundation wallets to employees. 

Reassigned wallets, especially those under the purview of employees, should ideally have rigorous security measures in place, prompting questions about internal security protocols.

---

Get the news in your inbox. Explore Blockworks newsletters:

• The Breakdown: Decoding crypto and the markets. Daily.
• 0xResearch: Alpha in your inbox. Think like an analyst.