chaindrainMVP
Preview surface — demo data. Where real data exists today (e.g. RealT, BlackRock BUIDL, Lift Dollar) we render it; everywhere else we render synthetic enrichment generated deterministically from public signal and clearly marked Demo or Inferred. The Phase 3 roadmap replaces every synthetic source with live ingestion — see Methodology → Exposure Graph & Similarity Engine.
← back to incident ledger

frontend dns hijackDemo

Mar 3, 2024 · $5M · frontend

Narrative

On 2024-03-03, KyberSwap suffered a frontend dns hijack incident resulting in approximately $5,015,578 in losses. The exploit targeted the frontend layer. Attribution: unattributed_criminal. This is a demonstration entry — not a real incident.

Victims

Classification

Root cause
frontend_dns_hijack
Secondary causes
Attack layer
frontend
Strategy
tech_vuln
Actor role
target
Attribution
unattributed_criminal
Attacker address
0xa55ebecf7d33c810f4997b9bedb8962a702b6160
Flash loan
no
Audited at time
yes
Bounty at time
no

AADAPT mappings

DEMO:AADAPT.TA0001DEMO:AADAPT.TA0008DEMO:AADAPT.T1071.001DEMO:AADAPT.T1583.001

Evidence

Disclosure date
Mar 5, 2024
Funds recovered
Audit firms at time
Cantina
Post-mortem URLs (synthetic)
  • https://medium.com/kyberswap/post-mortem-kyberswap-2024-03-03
  • https://rekt.news/kyberswap-rekt
tx hashes (2)
  • 0xefeb67ed8ded48bd1ace95928fb68ec2ecd331e81d8fad222f1fe8e4c23892a8
  • 0xc7a8171e70d8261c98aeb56e8b942ff94fcd3ce238331053229bc42e5f060aa7