The Fantom Foundation confirmed that it and its employees collectively lost hundreds of thousands of dollars worth of crypto in an attack on Oct. 17.

Fantom announced on Twitter/X:

“We are aware of reports indicating a small number of Fantom wallets were compromised earlier today. At this juncture, we can confirm the wallets in question were affected, including $550K in Fantom Foundation funds.”

The Fantom Foundation added that a “significant majority” of its funds — more than 99% of its holdings — were not affected by the attack.

Fantom additionally noted that an employee wallet that had been erroneously identified as belonging to the Foundation was affected by the attack. It called this a “targeted personal attack” and said that it is tracking and investigating the employee’s funds.

The project acknowledged early reports suggesting the attack resulted from a zero-day hack via Google Chrome but said that it is still investigating whether this is the case.

Independent crypto commentator Spreek shared a message, originally posted by an admin on Fantom’s Telegram channel, discussing the potential role of a Google Chrome vulnerability in the attack.

Amount stolen could total $6.7M

Separate reports from Spreek suggested that one of the attacker’s wallets at one point held $6.7 million. Spreek noted that it is unclear whether all of those funds originated from the attack in question.

Spreek also identified multiple Fantom employee wallets that were victimized, including one team member’s wallet that lost $3.4 million.

Separate reports from CertiK suggest that those funds have now been consolidated on another Ethereum address that holds $7.0 million.

That wallet did not begin to receive funds until around the time of the attack, and all of the received funds came from another wallet titled Fake_Phishing188025. This suggests that much of the wallet’s multi-million balance is indeed hack-related.