chaindrainMVP
Preview surface — demo data. Where real data exists today (e.g. RealT, BlackRock BUIDL, Lift Dollar) we render it; everywhere else we render synthetic enrichment generated deterministically from public signal and clearly marked Demo or Inferred. The Phase 3 roadmap replaces every synthetic source with live ingestion — see Methodology → Exposure Graph & Similarity Engine.
← back to incident ledger

phishing drainerDemo

Oct 3, 2024 · $755.7K · human op

Narrative

On 2024-10-03, Curve Finance suffered a phishing drainer incident resulting in approximately $755,738 in losses. The exploit targeted the human_op layer. Attribution: unattributed_criminal. This is a demonstration entry — not a real incident.

Victims

Classification

Root cause
phishing_drainer
Secondary causes
ice_phishing_approval
Attack layer
human_op
Strategy
human_exploit
Actor role
target
Attribution
unattributed_criminal
Attacker address
0xf4b98017fbe928806fc786db965bf14a8f92af03
Flash loan
no
Audited at time
no
Bounty at time
no

AADAPT mappings

DEMO:AADAPT.TA0001DEMO:AADAPT.TA0040DEMO:AADAPT.T1566.003

Evidence

Disclosure date
Oct 5, 2024
Funds recovered
Audit firms at time
Post-mortem URLs (synthetic)
  • https://medium.com/curve-finance/post-mortem-curve-finance-2024-10-03
  • https://rekt.news/curve-finance-rekt
  • https://blog.curve-finance.xyz/incident-report
tx hashes (4)
  • 0xf5ab8af91862f76a562782d7e98ffc936a6393f58f68abcf0e9e6392b8242afe
  • 0xc035a25b3daa2b585b5f9b19e2cf53f45cf4ec001cd792e56d16a126bc5bca6f
  • 0x16c08302ce0581286d550b1f50500252f1dd5d2eed681019c566dec85e8becde
  • 0xa257ecdfc5337730394e59559f70fe7d80b1c6964700e1ebaea3ee50d0c097b1