According to an internal investigation, a former disgruntled contractor hacked the blockchain tokenization platform Holograph.
The Holograph protocol was exploited by a criminal on June 13 to create 1 billion native Holograph (HLG) tokens, which are valued at $14.4 million. Consequently, the value of HGL tokens plummeted by nearly 80% within nine hours of the exploit, from $0.014 to a low of $0.0029.
HGL, as per CoinGecko data, attempted an unsustained recovery to $0.0049 before settling at $0.002887 at the time of writing.
Holograph initiated an internal investigation with blockchain investigation firm Halborn and publicly released a post-mortem of the incident on July 2, emphasizing the involvement of “a disgruntled former contractor.” Using a proxy wallet, the former contractor generated $14 million in HLG tokens, according to Holograph.
The price of the newly minted HLG tokens plummeted due to the hacker’s sale of them to crypto investors on the open market.
The cybercriminal, who transitioned from a contractor to a hacker, meticulously devised the theft months in advance, leveraging their administrative access to Holograph Protocol v1 contracts as a backdoor.
Holograph intends to engage law enforcement in the investigation. Following identifying the root cause, Holograph resumed bridging on the v2 protocol and recommended that all crypto exchanges permit HLG deposits and withdrawals.
The protocol will implement a burn plan to reduce the utmost supply of HLG tokens to 10 billion. Holograph responded to a community member’s apprehensions regarding the overinflated circulating supply by stating:
“Yes, only circulating supply is being burned to return circulating back to original schedule.”
In an impending update, the protocol has yet to disclose its plans for recovering the lost funds and commencing law enforcement proceedings.
Holograph implemented a comprehensive resolution encompassing operational risk controls to mitigate insider attacks.
On June 3, the Bittensor protocol occurred. Bittensor was required to cease its network activity due to a succession of wallet drains that resulted in the theft of at least $8 million in digital assets.
To mitigate the exploit, Bittensor co-founder Ala Shaabana announced a network outage:
“By way of an update, we have contained the attack and put the chain into safe mode (blocks producing but no transactions are permitted). We’re still mid-investigation and are considering all possibilities.”
At the time of writing, 32,000 Bittensor (TAO) tokens valued at approximately $8 million were obtained by exploiting the unknown address “5FbW.”