Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
The digital collectibles market platform Bondly Finance released an analysis report on the previous attack. Bondly Finance believes that the attacker obtained access to the password account belonging to Bondly CEO Brandon Smith through a carefully planned strategy. The password account contains the assistance of his hardware wallet. Recalling the phrase to restore the phrase, after copying, allowed the attacker to access the BONDLY smart contract, and the company wallet that was also leaked, resulting in the minting of 373 million BONDLY tokens. Attack method (per SlowMist): Private Key Leakage. Reported loss: 373,000,000 BONDLY.
- chain
- —
- protocol
- Bondly Finance
- bug_class
- private-key
- date_occurred
- 2021-07-14
- loss_usd
- —
- source_id
- sm:bondly-finance::2021-07-14