A major security breach has occurred in the Fantom Foundation, a blockchain platform that aims to provide fast, secure and scalable solutions for decentralized applications. According to a report by The Block, an employee of the foundation lost access to at least $7 million worth of crypto assets after falling victim to a phishing attack.
The incident happened on October 18, when the employee received an email that appeared to be from a colleague, asking him to update his MetaMask wallet. The email contained a link to a fake website that mimicked the official MetaMask site. The employee entered his seed phrase, a 12-word password that grants access to the wallet, on the fake site, unknowingly giving the attacker full control over his funds.
The attacker then proceeded to drain the employee’s wallet, transferring more than 139,000 FTM tokens (worth about $3.5 million at the time) and 2,000 ETH (worth about $3.8 million) to another address. The employee realized his mistake too late and contacted the Fantom Foundation for help. The foundation tried to track down the attacker and recover the funds, but so far has been unsuccessful.
Tekedia Mini-MBA edition 16 (Feb 10 – May 3, 2025) opens registrations; register today for early bird discounts.
Tekedia AI in Business Masterclass opens registrations here.
Join Tekedia Capital Syndicate and invest in Africa’s finest startups here.
The Fantom Foundation issued a statement on its official Twitter account, confirming the incident and expressing its regret. The foundation also assured its users that the breach did not affect the security or functionality of the Fantom network or any of its products. The foundation said it is working with law enforcement agencies and security experts to investigate the matter and prevent similar attacks in the future.
The foundation also advised its users to be vigilant and cautious when dealing with emails or websites that ask for sensitive information, such as seed phrases or private keys. The foundation reminded its users that MetaMask never asks for such information and that they should always verify the authenticity of any website before entering their credentials.
Why is decentralization important for the cryptocurrency industry? There are several reasons:
Decentralization enhances security. By eliminating the need for intermediaries or central servers, decentralization reduces the risk of hacking, censorship, or manipulation. The network is protected by cryptography and consensus mechanisms that ensure its integrity and reliability.
Decentralization promotes innovation. By allowing anyone to participate and contribute to the network, decentralization fosters a culture of creativity and experimentation. The network can evolve and adapt to the changing needs and preferences of the users, without being constrained by bureaucratic or regulatory barriers.
Decentralization empowers users. By giving users more control over their own data, assets, and identity, decentralization enhances their privacy and sovereignty. Users can choose how to interact with the network, what services to use, and whom to trust, without relying on third parties or intermediaries.
The cryptocurrency industry will only become better as it becomes decentralized. Decentralization is not only a technical feature, but also a social and economic vision. It is a vision of a more open, fair, and inclusive world, where everyone can benefit from the opportunities and advantages of digital currencies.
The phishing attack on the Fantom Foundation employee is one of the latest examples of how cybercriminals are targeting the crypto space, exploiting human errors and vulnerabilities to steal millions of dollars’ worth of digital assets. According to a report by CipherTrace, a blockchain analytics firm, crypto-related thefts, hacks and frauds amounted to $1.9 billion in the first half of 2021, a 57% decrease from the previous year, but still a significant threat to the industry.
Correcting recent claim on crypto role in terrorism financing
In a recent interview, the director of the Financial Crimes Enforcement Network (FinCEN) claimed that cryptocurrencies are playing a significant role in financing terrorism and other illicit activities. He cited the example of the Islamic State group, which allegedly used Bitcoin to fund its operations in Syria and Iraq. However, this claim is misleading and inaccurate, as there is little evidence to support it.
First of all, the use of cryptocurrencies by terrorist groups is not widespread or systematic. According to a report by the RAND Corporation, a think tank that provides research and analysis to the US military, most terrorist organizations still rely on traditional methods of financing, such as cash, hawala, charities, and state sponsorship.
Cryptocurrencies pose several challenges for terrorists, such as volatility, traceability, technical complexity, and limited acceptance. Moreover, the report found that there is no indication that any terrorist group has used cryptocurrencies to transfer funds across borders or to finance attacks.
Secondly, the example of the Islamic State group is outdated and inaccurate. The director referred to a 2015 report by the Combating Terrorism Center at West Point, which claimed that the Islamic State group had received a donation of $23 million worth of Bitcoin in 2014.
However, this report was later debunked by several experts and media outlets, who pointed out that the Bitcoin address in question belonged to a legitimate company that provides cloud mining services, and that there was no evidence of any connection to the Islamic State group. Furthermore, the report itself acknowledged that it was based on unverified sources and speculative assumptions.
Therefore, the claim that cryptocurrencies are playing a significant role in financing terrorism is not supported by facts or data. It is important to correct this misinformation, as it can lead to unwarranted fear and distrust of cryptocurrencies and hinder their potential for innovation and social good.
Cryptocurrencies are not inherently evil or criminal; they are simply tools that can be used for various purposes, both good and bad. The challenge is to find ways to regulate them without stifling their development or violating their users’ privacy and rights. Some possible ways to regulate cryptocurrencies are:
Establishing clear and consistent legal definitions and classifications of cryptocurrencies and related activities. Implementing anti-money laundering and counter-terrorism financing rules that apply to cryptocurrency service providers and users. Enhancing international cooperation and coordination among regulators, law enforcement agencies, and industry stakeholders.
Promoting transparency and accountability in the cryptocurrency ecosystem, such as by requiring disclosure of beneficial ownership and transaction data. Educating and raising awareness among the public and policymakers about the benefits and risks of cryptocurrencies.