VERDICT —OUT OF SCOPE
Root cause is infrastructure (DNS / cloud / database / third-party API) compromise, not on-chain contract logic. Pre-deployment source review would not surface this; coverage lives in cloud-security + supply-chain audit, separate discipline.
▰ METHOD
INFRASTRUCTURE
INFRASTRUCTURE
Root cause
Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Forensic narrative
Ethena Labs posted on X platform that their Ethena domain registrar account was recently compromised. They have taken measures to disable the website until further notice. The protocol is not affected, and funds are secure. Please do not interact with any sites or applications claiming to be the Ethena frontend. Attack method (per SlowMist): DNS Attack. Reported loss: -.
Primary source
https://x.com/ethena_labs/status/1836450334329155787 ↗Sourced from
slowmist
Technical record
- chain
- —
- protocol
- Ethena Labs
- bug_class
- infrastructure
- date_occurred
- 2024-09-19
- loss_usd
- —
- source_id
- sm:ethena-labs::2024-09-19
Related — same bug class· infrastructure