Cyvers, a prominent blockchain security firm, recently uncovered a suspicious movement of $50 million in HAXcoin (HXA), the native utility token of the Herencia Artifex nonfungible token (NFT) project.
This significant transfer of funds was linked to an entity known as the KyberSwap exploiter, raising concerns in the cryptocurrency community.
The KyberSwap exploiter obtained these tokens by exploiting the “transfer from function” within the Ethereum network.
The “transfer from” function is commonly utilized by decentralized application users, allowing one party to transfer tokens from the balance of another party to a third-party address.
However, misuse or vulnerabilities in the implementation of such functions can lead to security vulnerabilities.
Cyvers, in its report, suggests that the security breach may be associated with a potential flaw in the Multicall function, a component of the thirdweb libraries integrated into the HXA token’s smart contract.
Cyvers encourages interested parties to actively participate in the investigation to comprehensively understand the extent and repercussions of this exploit.
READ MORE: Krist Novoselic Urges Microsoft to Reevaluate Generative AI Approach in Shareholder Proposal
The Cyvers team has also revealed that the funds acquired by the KyberSwap exploiter have been dispersed among various externally owned accounts, which are now recognized as the top HXA tokenholders. This distribution adds complexity to tracking and recovering the stolen assets.
Meanwhile, cryptocurrency exchange MEXC has taken a precautionary measure by temporarily suspending HXA token withdrawals and deposits.
However, this halt is not directly linked to security concerns arising from the hack but rather stems from unusual on-chain activities related to HXA, as reported by the exchange.
In an unexpected development, the official website of HAXcoin, hxacoin.io, is currently inaccessible, leaving investors and stakeholders without access to official information and updates.
This further complicates the situation and raises suspicions regarding the project’s integrity and transparency.
This incident follows a recent hack that saw hackers siphon off approximately $46 million in cryptocurrency assets from the decentralized KyberSwap exchange.
The cumulative impact of such security breaches highlights the need for enhanced security measures within the cryptocurrency ecosystem, urging industry participants to remain vigilant and proactive in safeguarding digital assets and user interests.
Discover the Crypto Intelligence Blockchain Council