Preview surface — demo data. Where real data exists today (e.g. RealT, BlackRock BUIDL, Lift Dollar) we render it; everywhere else we render synthetic enrichment generated deterministically from public signal and clearly marked Demo or Inferred. The Phase 3 roadmap replaces every synthetic source with live ingestion — see Methodology → Exposure Graph & Similarity Engine.
← back to incident ledger

supply chain npmDemo

Feb 19, 2025 · $176.2K · infrastructure

Narrative

On 2025-02-19, Beefy Finance suffered a supply chain npm incident resulting in approximately $176,154 in losses. The exploit targeted the infrastructure layer. Attribution: whitehat. This is a demonstration entry — not a real incident.

Classification

Root cause
supply_chain_npm
Secondary causes
Attack layer
infrastructure
Strategy
tech_vuln
Actor role
target
Attribution
whitehat
Attacker address
0x3c1bc9c29505a875eb8c3f833dd9870682f369e1
Flash loan
no
Audited at time
no
Bounty at time
yes

AADAPT mappings

DEMO:AADAPT.TA0001DEMO:AADAPT.TA0011DEMO:AADAPT.T1195.002

Evidence

Disclosure date
Feb 21, 2025
Funds recovered
Audit firms at time
Post-mortem URLs (synthetic)
  • https://medium.com/beefy-finance/post-mortem-beefy-finance-2025-02-19
  • https://rekt.news/beefy-finance-rekt
  • https://blog.beefy-finance.xyz/incident-report
tx hashes (2)
  • 0x5362dec8e2de8671ca63fb2a4d8753d4871c38976c0e099c39fb16f4d838d347
  • 0x999dd6b0106ef5d172211df09d8bfba8679d81de09388eee419567c36ee9d348