chaindrainMVP

Preview surface — demo data. Where real data exists today (e.g. RealT, BlackRock BUIDL, Lift Dollar) we render it; everywhere else we render synthetic enrichment generated deterministically from public signal and clearly marked Demo or Inferred. The Phase 3 roadmap replaces every synthetic source with live ingestion — see Methodology → Exposure Graph & Similarity Engine.

frontend dns hijackDemo

Jan 4, 2024 · $3.7M · frontend

Narrative

On 2024-01-04, Ripple suffered a frontend dns hijack incident resulting in approximately $3,716,110 in losses. The exploit targeted the frontend layer. Attribution: unattributed_criminal. This is a demonstration entry — not a real incident.

Victims

Ripple

Classification

Root cause: frontend_dns_hijack
Secondary causes: supply_chain_npm
Attack layer: frontend
Strategy: tech_vuln
Actor role: target
Attribution: unattributed_criminal
Attacker address: 0x72256570fdd3ecb1c6d75919ccc18f4f45d156ea
Flash loan: no
Audited at time: no
Bounty at time: no

AADAPT mappings

DEMO:AADAPT.TA0001DEMO:AADAPT.TA0008DEMO:AADAPT.T1071.001DEMO:AADAPT.T1583.001

Evidence

Disclosure date: Jan 7, 2024
Funds recovered: —
Audit firms at time

Post-mortem URLs (synthetic)

https://medium.com/ripple/post-mortem-ripple-2024-01-04
https://rekt.news/ripple-rekt
https://blog.ripple.xyz/incident-report

tx hashes (1)

0x684caa0962fe8a7d1675f445d28ddc6b6fafe737fe697d9ccfd9d5fbe2a6a0f5