chaindrainMVP
Preview surface — demo data. Where real data exists today (e.g. RealT, BlackRock BUIDL, Lift Dollar) we render it; everywhere else we render synthetic enrichment generated deterministically from public signal and clearly marked Demo or Inferred. The Phase 3 roadmap replaces every synthetic source with live ingestion — see Methodology → Exposure Graph & Similarity Engine.
← back to incident ledger

access control missingDemo

Nov 16, 2023 · $2.5M · protocol

Narrative

On 2023-11-16, Bridge Mutual suffered a access control missing incident resulting in approximately $2,471,762 in losses. The exploit targeted the protocol layer. Attribution: dprk_lazarus. This is a demonstration entry — not a real incident.

Victims

Classification

Root cause
access_control_missing
Secondary causes
Attack layer
protocol
Strategy
tech_vuln
Actor role
target
Attribution
dprk_lazarus
Attacker address
0x2cde2d54889934273ff7cebcab36d578afe082fd
Flash loan
no
Audited at time
no
Bounty at time
no

AADAPT mappings

DEMO:AADAPT.TA0004DEMO:AADAPT.TA0006DEMO:AADAPT.T1078

Evidence

Disclosure date
Nov 18, 2023
Funds recovered
Audit firms at time
Post-mortem URLs (synthetic)
  • https://medium.com/bridge-mutual/post-mortem-bridge-mutual-2023-11-16
tx hashes (3)
  • 0x0d062b7efbb481c229c5e9dd1c77b3f08bb3a68dc6a7acbdf0f93d718376db83
  • 0x29505e25db1cb8ce62410fd566a7f40bdf7d33ae9fc85ac4b8af7a38df6583d8
  • 0x421946197ed480c77e911282d49d29a5923679e6f1a83dd6c1b07ca9e4655b11