chaindrainMVP
Preview surface — demo data. Where real data exists today (e.g. RealT, BlackRock BUIDL, Lift Dollar) we render it; everywhere else we render synthetic enrichment generated deterministically from public signal and clearly marked Demo or Inferred. The Phase 3 roadmap replaces every synthetic source with live ingestion — see Methodology → Exposure Graph & Similarity Engine.
← back to incident ledger

kms misconfigurationDemo

Sep 27, 2020 · $24.5M · infrastructure

Narrative

On 2020-09-27, GCash suffered a kms misconfiguration incident resulting in approximately $24,504,941 in losses. The exploit targeted the infrastructure layer. Attribution: unknown. This is a demonstration entry — not a real incident.

Victims

Classification

Root cause
kms_misconfiguration
Secondary causes
Attack layer
infrastructure
Strategy
human_exploit
Actor role
target
Attribution
unknown
Attacker address
0xec2bb3a44eeb82e73b4c4d60d979cedadd0fd7e7
Flash loan
no
Audited at time
no
Bounty at time
no

AADAPT mappings

DEMO:AADAPT.TA0006DEMO:AADAPT.TA0005DEMO:AADAPT.T1552.005

Evidence

Disclosure date
Oct 1, 2020
Funds recovered
Audit firms at time
Post-mortem URLs (synthetic)
  • https://medium.com/gcash/post-mortem-gcash-2020-09-27
tx hashes (1)
  • 0x690a91534f27c816cd3773ee73754a1c96c135d24ee1bed8f2f29c951ef054cb