ChainBleedv0.1 · open intel
← back to feed·INFRASTRUCTURE2022-06-24 · 3y ago
Incident · SLOWMIST

ConvexFinance

DNS Attack
Estimated loss
VERDICT —OUT OF SCOPE
Root cause is infrastructure (DNS / cloud / database / third-party API) compromise, not on-chain contract logic. Pre-deployment source review would not surface this; coverage lives in cloud-security + supply-chain audit, separate discipline.
▰ METHOD
INFRASTRUCTURE
INFRASTRUCTURE
Root cause

Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.

Forensic narrative

ConvexFinance officially tweeted that a DNS attack caused users to approve malicious contracts on some interactions on the website, and the problem has been fixed. Attack method (per SlowMist): DNS Attack. Reported loss: 215 ETH.

Primary source
https://twitter.com/ConvexFinance/status/1540104036229185536
Sourced from
slowmist
Technical record
chain
protocol
ConvexFinance
bug_class
infrastructure
date_occurred
2022-06-24
loss_usd
source_id
sm:convexfinance::2022-06-24
Related — same bug class· infrastructure
2026-04-18
1mo ago
Kelp DAO
Infrastructure-level attack
infrastructure
$293.00M
OUT OF SCOPE
2026-04-18
1mo ago
DNS registrar for eth.limo
DNS hijacking
infrastructure
OUT OF SCOPE
2026-04-04
2mo ago
HypurrFi
Domain Hijacking
infrastructure
OUT OF SCOPE
2026-03-31
2mo ago
Steakhouse Financial
Social Engineering
infrastructure
OUT OF SCOPE
2026-03-19
2mo ago
Neutrl
DNS Hijacking
infrastructure
OUT OF SCOPE
2026-03-18
2mo ago
ETH
Neutrl
DNS Hijacking Attack
infrastructure
OUT OF SCOPE
ChainBleed — live web3 threat intelligence