VERDICT —OUT OF SCOPE
Root cause is social engineering — privileged personnel deceived into authorizing the drain. Contract behaved as written. Defense lives in process controls (multi-party approval, M-of-N signoff windows), not in smart-contract review.
▰ METHOD
SOCIAL ENGINEERING
SOCIAL-ENGINEERING
Root cause
Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Forensic narrative
It is reported that the FFF token deployed on the BSC has an abnormal additional issue event. This event is that the administrator of the original project party purchased the additional issue through the pre-set additional issue contract, and then sold the additional issued tokens and transferred the acquired assets in part. More than US $1.03 million of FFF tokens were sold in this issue. Attack method (per SlowMist): Insider Manipulation. Reported loss: $ 1,030,000.
Sourced from
slowmist
Technical record
- chain
- bsc
- protocol
- FFF
- bug_class
- social-engineering
- date_occurred
- 2023-01-20
- loss_usd
- $1,030,000
- source_id
- sm:fff::2023-01-20
Related — same bug class· social-engineering
2026-05-11
1mo ago
SOL
social-engineering
$2.86M
OUT OF SCOPE
2026-04-01
2mo ago
SOL
social-engineering
$286.00M
OUT OF SCOPE
2026-02-23
3mo ago
—
social-engineering
—
OUT OF SCOPE
2025-09-01
9mo ago
BSC
social-engineering
$2.00M
OUT OF SCOPE
2025-07-24
10mo ago
MULTI
social-engineering
$14.00M
OUT OF SCOPE
2025-04-27
1y ago
—
social-engineering
$100.0K
OUT OF SCOPE