Share this article
Fantom-Based Algo Protocol Fantasm Exploited for $2.6M
Some of the at-risk funds were recovered from the weeks-old protocol in the early hours of Thursday.
Updated May 11, 2023, 6:59 p.m. Published Mar 10, 2022, 9:35 a.m.
Fantom-based algorithmic assets protocol Fantasm Finance was exploited for over $2.6 million worth of crypto early on Thursday, with the stolen tokens swapped for ether using privacy protocol Tornado Cash.
- “Our FTM collateral reserve has been exploited, there is still 1,820,012 FTM pool balance remaining currently for redemption,” they tweeted. FTM is Fantom’s native token and one of the tokens used as collateral backing on Fantasm.
URGENT ANNOUNCEMENT : Redeem your XFTM
— Fantastic Protocol (@fantasm_finance) March 9, 2022
Our FTM collateral reserve has been exploited, there is still 1,820,012 FTM pool balance remaining currently for redemption.
Exploiter address:https://t.co/lVxIF3HMYI
We are looking into this right now, more details to follow immediately
STORY CONTINUES BELOW
- Hackers were able to mint XFTM, a representation of Fantom’s FTM on Fantasm, by using a small amount of Fantasm’s FSM tokens. The hackers started with 50 FTM, gradually using larger amounts to swap over 2.8 million XFTM in total, Alpha Finance lead engineer Nipun Pitimanaaree explained in a tweet after examining blockchain records.
- The stolen funds were later swapped for over 1,007 ether – about $2.6 million at current prices – using privacy protocol Tornado Cash, which allows for anonymous token swaps.
1/ 🚨 @fantasm_finance was exploited, resulting in > $2.6M loss (> 1000 $ETH swapped & bridged to @TornadoCash)
— nipun.eth (@n1punp) March 10, 2022
Root cause: unchecked `_ftmIn` amount, leading to attacker able to mint $XFTM by only supplying $FSM (instead of both)
💥🐛 Here’s the exploit & bug analysis 👇 pic.twitter.com/dQIu2YABKz
- The Fantasm developers said in a follow-up tweet that some of the FTM collateral was “white hacked,” a process that refers to exploiting a protocol to flag security concerns or, in this case, recover tokens at the risk of getting hacked.
- Fantasm Finance, launched earlier this month, is a decentralized finance (DeFi) project aimed at developing synthetic tokens for the Fantom ecosystem. DeFi broadly refers to the use of smart contracts instead of third parties for providing financial services to users, while synthetic tokens are blockchain-based representations of financial assets, such as other cryptocurrencies.
- Fantasm developers said a compensation plan for affected users was being worked out.
- Meanwhile, Pitimanaaree cautioned in a tweet that additional vulnerabilities related to Fantasm’s flash-loan product might still exist.
More For You
What to know:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
More For You
ZKsync Lite to Shut Down in 2026 as Matter Labs Moves On
The company framed the move, happening in early 2026, as a planned sunset.
What to know:
- Matter Labs plans to deprecate ZKsync Lite, the first iteration of its Ethereum layer-2 network, the team said in a post on X over the weekend.
- The company framed the move, happening in early 2026, as a planned sunset for an early proof-of-concept that helped validate their zero-knowledge rollup design choices before newer systems went live.
Top Stories
