Juno (JUNO), a Cosmos-based blockchain, went offline on Tuesday as a result of a suspected network attack.
According to a retweet from the project’s official Twitter handle, the network is still down as of press time, but no user funds have been lost, and the Juno core development team says a fix is in the works.
According to a Juno core developer who spoke to CoinDesk on the condition of anonymity, the network crash was caused by a malicious smart contract disguised as a simple “hello world” program.
For three days, the suspected attacker sent a string of over 400 transactions to the smart contract in an apparent trial-and-error process, eventually landing on a specific combination of transactions that crashed the network.
According to the developer who spoke with CoinDesk, the attacker exploited a blockchain vulnerability that Juno planned to address in a few hours following the attack via an update. According to the developer, the vulnerability was publicly disclosed because it affected all blockchains that use the CosmWasm smart contract platform.
This is Juno’s second major challenge in the last month. A contentious governance vote in March removed tokens from a “whale” accused of manipulating a JUNO airdrop – an unprecedented instance of a decentralized community directly voting to reduce a wallet’s token balance.
According to CoinGecko, the JUNO token has a $1 billion market cap and has dropped 7% in the last 24 hours.
The attacker’s identity is currently unknown.
Members of the Juno community are trying to figure out who would have been motivated to attack for no obvious financial gain, according to Daniel Hwang, head of protocols at Stakefish, which runs a validator for Juno. Token holders, according to Hwang, are pointing fingers at potential perpetrators ranging from competitor blockchains to bagholders on the losing end of last month’s governance vote.