VERDICT —OUT OF SCOPE
Root cause is social engineering — privileged personnel deceived into authorizing the drain. Contract behaved as written. Defense lives in process controls (multi-party approval, M-of-N signoff windows), not in smart-contract review.
▰ METHOD
SOCIAL ENGINEERING
SOCIAL-ENGINEERING
Root cause
Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Forensic narrative
The hackers gained access to AirDAO LP through a social engineering scam and drained the liquidity pool of AMB/ETH. The scam involved an email with a malicious attachment, impersonating one of their known partners. In total, the hackers stole 41,612,782.10627101 AMB and 126.5 ETH. Attack method (per SlowMist): Social Engineering. Reported loss: $ 1,050,000.
Sourced from
slowmist
Technical record
- chain
- —
- protocol
- AirDAO
- bug_class
- social-engineering
- date_occurred
- 2024-03-21
- loss_usd
- $1,050,000
- source_id
- sm:airdao::2024-03-21
Related — same bug class· social-engineering
2026-05-11
1mo ago
SOL
social-engineering
$2.86M
OUT OF SCOPE
2026-04-01
2mo ago
SOL
social-engineering
$286.00M
OUT OF SCOPE
2026-02-23
3mo ago
—
social-engineering
—
OUT OF SCOPE
2025-09-01
9mo ago
BSC
social-engineering
$2.00M
OUT OF SCOPE
2025-07-24
10mo ago
MULTI
social-engineering
$14.00M
OUT OF SCOPE
2025-04-27
1y ago
—
social-engineering
$100.0K
OUT OF SCOPE