chaindrainMVP
Preview surface — demo data. Where real data exists today (e.g. RealT, BlackRock BUIDL, Lift Dollar) we render it; everywhere else we render synthetic enrichment generated deterministically from public signal and clearly marked Demo or Inferred. The Phase 3 roadmap replaces every synthetic source with live ingestion — see Methodology → Exposure Graph & Similarity Engine.
← back to incident ledger

ice phishing approvalDemo

Oct 8, 2021 · $2.7M · human op

Narrative

On 2021-10-08, Pyth Network suffered a ice phishing approval incident resulting in approximately $2,678,967 in losses. The exploit targeted the human_op layer. Attribution: dprk_lazarus. This is a demonstration entry — not a real incident.

Victims

Classification

Root cause
ice_phishing_approval
Secondary causes
phishing_drainer
Attack layer
human_op
Strategy
human_exploit
Actor role
target
Attribution
dprk_lazarus
Attacker address
0xff7ed6e6eab320a58696389f82b408b3410e2d0c
Flash loan
no
Audited at time
no
Bounty at time
yes

AADAPT mappings

DEMO:AADAPT.TA0001DEMO:AADAPT.TA0040DEMO:AADAPT.T1566.002

Evidence

Disclosure date
Oct 10, 2021
Funds recovered
$787.9K
Audit firms at time
Post-mortem URLs (synthetic)
  • https://medium.com/pyth-network/post-mortem-pyth-network-2021-10-08
  • https://rekt.news/pyth-network-rekt
  • https://blog.pyth-network.xyz/incident-report
tx hashes (2)
  • 0x2d43bdf50105061392d779a7dcdedb132cbde72b4f9d80aca3670df410926750
  • 0x29fe9d09fecbba64508197c904cf48dd6df07f72dbf01c4f6231f01b6597a1e8