Mainnet network proxies disabled
The Hedera mainnet has been upgraded to patch the vulnerability and mainnet is now running and available.
Details on the attack will soon be made available.
Posted Mar 11, 2023 - 02:08 UTC
Today, attackers exploited the Smart Contract Service code of the Hedera mainnet to transfer Hedera Token Service tokens held by victims’ accounts to their own account. The attacker targeted accounts used as liquidity pools at multiple DEXes that use Uniswap v2-derived contract code ported over to use the Hedera Token Service, including Pangolin, SaucerSwap, and HeliSwap. When the attackers moved tokens obtained through these attacks over the Hashport bridge, the bridge operators detected the activity and took swift action to disable it.
The Hedera community, including Swirlds Labs, The HBAR Foundation, Limechain, Pangolin, SaucerSwap, and HeliSwap teams, worked together to investigate the attack. To prevent the attacker from being able to steal more tokens, Hedera turned off mainnet proxies, which removed user access to the mainnet. The team has identified the root cause of the issue and are working on a solution.
Once the solution is ready, Hedera Council members will sign transactions to approve the deployment of the code on mainnet to remove this vulnerability, at which point the mainnet proxies will be turned back on, allowing normal activity to resume.
Posted Mar 10, 2023 - 04:41 UTC
We are continuing to investigate this issue.
Posted Mar 09, 2023 - 20:15 UTC
Out of an abundance of caution & safety for retail users, Hedera is turning off network proxies on mainnet, effectively making it inaccessible.
Hedera core will continue to work through the smart contract irregularity. Subscribe to status.hedera.com for the latest info.
Posted Mar 09, 2023 - 20:14 UTC
This incident affected: Hedera Mainnet (v0.34.5) | Network Uptime and Hedera Mainnet (v0.34.5) | Individual Nodes (Node 0 (account 0.0.3) | Hosted by LG | Seoul, South Korea, Node 1 (account 0.0.4) | Hosted by Swirlds | North Carolina, USA, Node 2 (account 0.0.5) | Hosted by FIS | Florida, USA, Node 3 (account 0.0.6) | Hosted by Wipro | Mumbai, India, Node 4 (account 0.0.7) | Hosted by Nomura | Tokyo, Japan, Node 5 (account 0.0.8) | Hosted by Google | Helsinki, Finland, Node 6 (account 0.0.9) | Hosted by Zain Group | Kuwait City, Kuwait, Node 7 (account 0.0.10) | Hosted by Magalu | São Paulo, Brazil, Node 8 (account 0.0.11) | Hosted by Boeing | Washington, USA, Node 9 (account 0.0.12) | Hosted by DLA Piper | London, UK, Node 10 (account 0.0.13) | Hosted by Tata Communications | California, USA, Node 11 (account 0.0.14) | Hosted by IBM | Washington, USA, Node 12 (account 0.0.15) | Hosted by Deutsche Telekom | Berlin, Germany, Node 13 (account 0.0.16) | Hosted by UCL | London, UK, Node 14 (account 0.0.17) | Hosted by Avery Dennison | Pennsylvania, USA, Node 15 (account 0.0.18) | Hosted by Dentons | Singapore, Node 16 (account 0.0.19) | Hosted by Standard Bank | Johannesburg, South Africa, Node 17 (account 0.0.20) | Hosted by eftpos | Sydney, Australia, Node 18 (account 0.0.21) | Hosted by EDF | Paris, France, Node 19 (account 0.0.22) | Hosted for Shinhan Bank | California, USA, Node 20 (account 0.0.23) | Hosted by Chainlink Labs | Michigan, USA, Node 21 (account 0.0.24) | Hosted for LSE | Virginia, USA, Node 22 (account 0.0.25) | Hosted for IIT Madras | Georgia, USA, Node 23 (account 0.0.26) | Hosted for DBS | Singapore, Republic of Singapore, Node 24 (account 0.0.27) | Hosted for ServiceNow | Ogden, Utah, Node 25 (account 0.0.28) | Hosted for Ubisoft | Singapore, Republic of Singapore, Node 26 (account 0.0.29) | Hosted for abrdn | Madrid, Spain).