Key takeaways:
- The token infrastructure platform Hedgey Finance has had two simultaneous hacks that have cost it $44.7 million in lost revenue.
- The exploit was verified by Hedgey Protocol, which also stated that it actively collaborates with auditors to identify the weakness underlying the possible continuous attack.
The token infrastructure platform Hedgey Finance has had two simultaneous hacks that have cost it $44.7 million in lost revenue.
An X post from on-chain security company Cyvers on April 19 states that Hedgey was the victim of an exploit on the Arbitrum network valued at around $42.8 million Arbitrum (ARB) tokens. The attacker has already placed a portion of the money on the Bybit cryptocurrency exchange.
According to an X (formerly twitter) post by Cyvers, the Hedgey protocol was previously compromised for a total of $1.9 million in cryptocurrency on the Ethereum network.
The exploit was verified by Hedgey Protocol, which also stated that it actively collaborates with auditors to identify the weakness underlying the possible continuous attack. In a post on April 19, X, it said:
โSecurity Alert: We’re investigating an attack on the Hedgey Token Claim Contract. If you have created active claims, please cancel them using the “End Token Claim” buttonโ
Soon after Hedgey acknowledged the exploit, fake accounts pretending to be the protocol began posing under the thread links that could be harmful and advising users to cancel their approvals of smart contracts or request a refund. These links pointed to dubious websites that had nothing to do with the Hedgey protocol.
The widely anticipated Bitcoin halving, which is scheduled to cut block issuance incentives in half, happened hours before the attack.
According to on-chain security company CertiK’s Hack3d report, 223 hacks and exploits in the first quarter of 2024 resulted in over $502 million worth of stolen digital assets.
CoinCodeCap has reached out to Hedgey Finance for comments about the exploit, but we havenโt heard from them yet.
Over $77.9 million in stolen money was eventually returned in the first quarter, largely due to the Munchables security incident.
According to a Dec. 28 analysis by Immunefi, $1.8 billion was lost to cryptocurrency hackers and scammers in 2023, with 17% of that amount linked to the North Korean Lazarus Group.