### Internal Probe Reveals Ex-Contractor Behind $14.4 Million Holograph Hack
**Hassan Shittu**
Last updated: July 3, 2024, 19:38 EDT
| 2 min read
Holograph, a blockchain tokenization platform, announced on July 2 the completion of its post-mortem report regarding the security breach that occurred on June 13. The internal investigation revealed that a disgruntled former contractor was responsible for hacking the platform. In collaboration with Halborn Security, the detailed report outlines the incident and the measures taken to prevent future breaches.
#### Holograph Hack Post-Mortem Report Released
On June 13, the hacker exploited Holograph by minting 1 billion HLG tokens and absconding with tokens valued at approximately $14.4 million. Holograph’s team promptly responded by posting updates on social media platform X. According to data from Etherscan, the exploiters began draining the tokens on June 13 at 9:47 am UTC through nine transactions. On-chain data revealed that the ENS wallet acc01ade.eth was involved in the hack. Additionally, evidence from GitHub suggests the attackers were contributors to the protocol, having made 113 contributions to Holograph last year.
Shortly after the breach, Holograph Protocol’s native token, HLG, saw its price plummet. Data from CoinGecko showed the token’s value dropping from $0.014 to a low of $0.0029, a 79.4% decrease. Although HLG slightly recovered to $0.008 before experiencing another drop to $0.0049, it is currently trading at $0.002887. Etherscan data indicated that the exploiter converted the stolen HLG tokens into USDT four hours after the exploit.
Following the attack, Holograph launched an internal investigation in collaboration with blockchain investigation firm Halborn. On July 2, Holograph released a post-mortem report, tracing the breach to unauthorized admin access to a proxy wallet by a disgruntled former contractor. The contractor minted approximately $14 million worth of new HLG tokens and sold them on the open market, causing a dramatic price crash. The former contractor meticulously planned the heist for months, leveraging their admin access to Holograph Protocol v1 contracts, which served as a backdoor.
Working closely with Halborn Security, Holograph identified the root cause of the exploit and has since implemented operational risk controls to prevent such incidents from reoccurring. “We have taken immediate and decisive action to address the vulnerabilities and have put in place stringent measures to safeguard our protocol and community moving forward,” a spokesperson for Holograph stated.
#### Holograph Re-enables Bridging, Plans to Involve Law Enforcement in Investigation Following Incident
Following the report, Holograph plans to involve law enforcement in the ongoing investigation. Having identified the cause, Holograph has re-enabled bridging on Holograph Protocol V2 and informed centralized exchanges Bybit, Gate, KuCoin, Bitget, and Backpack that it is now safe to re-open HLG deposits and withdrawals.
Additionally, the HLG Burn Plan is nearing completion, aiming to restore the maximum supply of HLG to 10 billion. In response to community concerns about the inflated circulating supply, Holograph confirmed that only the circulating supply would be burned to return it to the original schedule.
The protocol has yet to share plans for recovering the lost funds and the law enforcement proceedings in an upcoming update. Holograph assured stakeholders that further updates on asset recovery and law enforcement proceedings will be provided as they become available.
Follow Us on Google News