Assets
Crypto Deposit
Fiat Deposit
Convert
Transfer
Withdraw
My vouchers
Fund history
Dashboard
Account Security
Identity verification
API Management
Transaction Report
Log out
Register
BTCC / BTCC Square / Cryptopolitan /
0G Foundation Bleeds $520K in Token Heist: 520,010 $0G Tokens Vanish

0G Foundation Bleeds $520K in Token Heist: 520,010 $0G Tokens Vanish

Author:
Cryptopolitan
Published:
2025-12-13 20:55:15
10
3

0G Foundation lost about $520,000 after attackers stole 520,010 $0G tokens and additional crypto

A crypto foundation just got a half-million-dollar lesson in security—or the lack of it.

The 0G Foundation watched a chunk of its treasury evaporate. Attackers didn't just swipe the project's namesake token; they cleaned out additional crypto holdings, turning a digital vault into a ghost town.

The Anatomy of a Digital Grab

Forget sophisticated social engineering. This was a straight-up breach. The perpetrators bypassed defenses, extracted the assets, and vanished into the blockchain's immutable ledger—leaving a trail anyone can see but no one can reverse.

The haul? Precise. 520,010 units of the project's core asset, plus a side of other cryptocurrencies. In the cold math of a bear market, that's a $520,000 wound. For a fledgling project, it's a potential knockout punch.

Security Theater Meets Crypto Reality

The incident cuts to the core of crypto's eternal tension: decentralization versus security. Foundations hold keys, and keys get stolen. It's the oldest story in finance, now with a digital twist—and without the FDIC insurance.

Active development? A vibrant community? None of it matters if the safe isn't locked. This heist serves as a brutal audit, one where the test involves losing real money instead of just failing a checklist.

The Ripple in the Pond

Markets hate uncertainty. While the direct financial loss is quantified, the reputational damage is a ticking clock. Confidence is the real currency here, and it's far harder to replenish than a stolen token balance.

Investors are left weighing a brutal equation: is this a one-time lapse or a symptom of deeper flaws? The foundation's next moves—transparency, remediation, overhaul—will write that answer.

Another day, another crypto project learns that 'trustless' doesn't mean 'riskless.' The only thing growing faster than blockchain tech might be the adjacent industry of digital asset recovery—talk about a bullish vertical.

Exploit traced to leaked private key

According to the foundation, the attacker exploited an emergency withdrawal function in the affected reward contract after gaining access to a private key that had been inadvertently stored on a compromised cloud server.

The key was linked to an Alibaba Cloud instance responsible for managing NFT status and reward updates.

“The attacker accessed a leaked private key from an AliCloud instance,” the foundation said, adding that storing plaintext private keys locally was a critical operational failure, saying, “this is a practice we now know must never happen again.”

Further investigation revealed that the breach was not limited to a single server. The foundation said multiple AliCloud instances were compromised after attackers exploited a critical vulnerability in the popular Next.js web framework, tracked as CVE-2025-66478, on December 5. Using internal IP addresses, the attacker was able to MOVE laterally across systems, affecting a wide range of services.

These included the alignment service, a validator node, the Gravity NFT service, node sale infrastructure, and several ecosystem products such as Compute, Aiverse, Perpdex, and Ascend.

However, the foundation has maintained that no additional losses tied directly to user-held assets have been identified.

CertiK, a blockchain security firm, flagged the suspicious withdrawals from a 0G-related reward contract earlier, estimating losses in line with figures that were later confirmed by the foundation.

What’s next for 0G Foundation?

0G foundation claims that it has implemented immediate security measures. The organization has also patched the Next.js vulnerability and rebuilt affected services.

As part of what 0G said it is doing to prevent a repeat incident, the foundation claims it will migrate all key-bearing services to Trusted Execution Environments (TEEs), implement multi-signature wallet requirements for critical fund management, and adopt zero-trust security principles across its infrastructure.

The hack incident that 0G Foundation reported comes after it raised over $290 million in November 2024, including a $40 million seed funding round led by Hack VC with participation from Delphi Ventures, OKX Ventures, Samsung Next, Animoca Brands, among other investors. That raise made it $325 million in committed funding for the platform.

0G conceded that the breach is “a painful but necessary wake-up call.” It also promised to release a full post-mortem report, which its community can look forward to knowing more about how the foundation lost $520,000 to bad actors.

Want your project in front of crypto’s top minds? Feature it in our next industry report, where data meets impact.

|Square

Get the BTCC app to start your crypto journey

Download on the App Store GEI IT ON Google Play

Get started today Scan to join our 100M+ users

Exchange for a better future

Products
Services
Guides
About Us
Terms & Agreement
Customer Service

Risk warning: Digital asset trading is an emerging industry with bright prospects, but it also comes with huge risks as it is a new market. The risk is especially high in leveraged trading since leverage magnifies profits and amplifies risks at the same time. Please make sure you have a thorough understanding of the industry, the leveraged trading models, and the rules of trading before opening a position. Additionally, we strongly recommend that you identify your risk tolerance and only accept the risks you are willing to take. All trading involves risks, so you must be cautious when entering the market.

The world’s longest-running cryptocurrency exchange since 2011 © 2011 - 2025 BTCC.com. All rights reserved

All articles reposted on this platform are sourced from public networks and are intended solely for the purpose of disseminating industry information. They do not represent any official stance of BTCC. All intellectual property rights belong to their original authors. If you believe any content infringes upon your rights or is suspected of copyright violation, please contact us at [email protected]. We will address the matter promptly and in accordance with applicable laws.BTCC makes no explicit or implied warranties regarding the accuracy, timeliness, or completeness of the republished information and assumes no direct or indirect liability for any consequences arising from reliance on such content. All materials are provided for industry research reference only and shall not be construed as investment, legal, or business advice. BTCC bears no legal responsibility for any actions taken based on the content provided herein.