Fantom Foundation (employee wallets): Off-chain Key Compromise (suspected password manager / phishing)
Over $7M was swept from 12+ Fantom Foundation-labelled addresses across 5 chains in a coordinated early-morning attack, likely via a compromised password manager — while the Foundation initially blamed a Chrome zero-day and later claimed most losses weren't theirs.
Summary #
Fantom Foundation (employee wallets) suffered a Foundation / Infrastructure (not a DeFi protocol) on 2023-10-17, resulting in a loss of approximately $8M.
What happened #
Over $7M was swept from 12+ Fantom Foundation-labelled addresses across 5 chains in a coordinated early-morning attack, likely via a compromised password manager — while the Foundation initially blamed a Chrome zero-day and later claimed most losses weren't theirs.
Linked factors #
- RD-F-007 — related : Bug bounty absent — baseline integrity gap [via dashboard_risk_factors/Bug bounty: N/A]