chaindrainMVP
Preview surface — demo data. Where real data exists today (e.g. RealT, BlackRock BUIDL, Lift Dollar) we render it; everywhere else we render synthetic enrichment generated deterministically from public signal and clearly marked Demo or Inferred. The Phase 3 roadmap replaces every synthetic source with live ingestion — see Methodology → Exposure Graph & Similarity Engine.
← back to incident ledger

proxy admin compromiseDemo

Sep 11, 2024 · $3.2M · protocol

Narrative

On 2024-09-11, Yearn Finance suffered a proxy admin compromise incident resulting in approximately $3,171,667 in losses. The exploit targeted the protocol layer. Attribution: mev_searcher. This is a demonstration entry — not a real incident.

Victims

Classification

Root cause
proxy_admin_compromise
Secondary causes
access_control_missing
Attack layer
protocol
Strategy
tech_vuln
Actor role
target
Attribution
mev_searcher
Attacker address
0x4ed7dc167a9f5f21b00b1d8a026dae93c1559e82
Flash loan
no
Audited at time
no
Bounty at time
yes

AADAPT mappings

DEMO:AADAPT.TA0006DEMO:AADAPT.TA0008DEMO:AADAPT.T1078.004

Evidence

Disclosure date
Sep 12, 2024
Funds recovered
Audit firms at time
Post-mortem URLs (synthetic)
  • https://medium.com/yearn-finance/post-mortem-yearn-finance-2024-09-11
  • https://rekt.news/yearn-finance-rekt
  • https://blog.yearn-finance.xyz/incident-report
tx hashes (3)
  • 0x72e243a46de92cd5b0843d844ec6fcf3ca50efa46350154bf03df2c304c91b90
  • 0xd0bde8b8f17f2ed16253064106119da66a8fd03c275f1adf520220feb42eacbe
  • 0x58b422c3c662ae0e0ec4f50889d17ca8f86ca15d6c0e861eb8b1fdcc39c72c76