Blockchain tokenization platform Holograph’s native token fell as much as 79.4% after a malicious actor hacked the protocol’s operator contract and minted 1 billion HLG tokens worth $14.4 million.
Holograph’s X account confirmed the hack on June 14. It revealed that it has since patched up the initial exploit and is working with cryptocurrency exchange partners to freeze the malicious actor’s accounts.
Holograph added that it has launched its own investigation and is contacting law enforcement.
How the HLG exploit happened
The 1 billion HLG tokens were minted across nine transactions by the hacker, taking advantage of a smart contract vulnerability — with the first mint on June 13 at 9:47 am UTC, according to Etherscan.
Seven of them were sent in 100 million batches.
It took only 10 minutes for HLG’s price to start tumbling. Within nine hours, the token fell 79.4% from $0.014 to a local low of $0.0029, while HLG’s market cap fell from nearly $22 million to $4.8 million in that timeframe, according to CoinGecko. HLG has since recovered slightly to $0.008.
At current prices, the 1 billion HLG tokens are worth $7.4 million, but the hacker had already started converting the minted HLG into stablecoin Tether (USDT) about four hours after the first exploit.
Related: CoinGecko confirms email provider data breach, over 23,000 phishing emails sent
Matt Casto, cryptocurrency researcher at venture capital firm CMT Digital, believes the hacker was a “rogue dev” who funded Holograph’s operator contract address 26 days ago.
Holograph didn’t immediately respond to Cointelegraph on whether it knows the identity of the hacker.
Holograph is based in the Omnichain ecosystem and enables tokens to move between blockchains while maintaining the same contract address, thus allowing asset issuers to index cross-chain data.
It has received venture capital funding from the likes of Animoca Brands and Mechanism Capital.
Nearly $19 billion in cryptocurrencies have been stolen since the first industry hack was reported in June 2011, a recent Crystal Intelligence report shows.
Magazine: Lazarus Group’s favorite exploit revealed — Crypto hacks analysis