ChainBleedv0.1 · open intel
← back to feed·PRIVATE-KEY2024-09-20 · 1y ago
Incident · SLOWMIST

Compound

Account Compromise
Estimated loss
VERDICT —OUT OF SCOPE
Root cause is private-key / signer compromise — the on-chain contract behaved exactly as written. No pre-deployment source audit or bytecode review reaches the key-custody perimeter; this is operational-security territory (HSM/MPC hygiene, key rotation, hot-wallet isolation). Bytecode would show nothing wrong.
▰ METHOD
PRIVATE KEY
PRIVATE-KEY
Root cause

Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.

Forensic narrative

Compound community’s Discord server has been hacked. Please do not click on any links until the situation is resolved. Attack method (per SlowMist): Account Compromise. Reported loss: -.

Primary source
https://x.com/compoundfinance/status/1837515311983006144
Sourced from
slowmist
Technical record
chain
protocol
Compound
bug_class
private-key
date_occurred
2024-09-20
loss_usd
source_id
sm:compound::2024-09-20
Related — same bug class· private-key
2026-04-30
1mo ago
MULTI
Wasabi Perps
Admin Key Compromised
private-key
$5.50M
OUT OF SCOPE
2026-04-30
1mo ago
ETH
Wasabi Protocol
Private Key Leakage
private-key
$5.70M
OUT OF SCOPE
2026-04-29
1mo ago
Syndicate Labs
Private Key Leakage
private-key
$380.0K
OUT OF SCOPE
2026-04-21
1mo ago
SUI
Volo Vault
Admin Key Compromised
private-key
$3.50M
OUT OF SCOPE
2026-04-21
1mo ago
SUI
Volo Vaults
Private Key Leakage
private-key
$3.50M
OUT OF SCOPE
2026-04-16
1mo ago
MULTI
Grinex
Hot wallet hack
private-key
$15.00M
OUT OF SCOPE
ChainBleed — live web3 threat intelligence