VERDICT —OUT OF SCOPE
Root cause is phishing — victims signed malicious transactions or approvals off-protocol. Contract logic was not the failure surface; user-side wallet hygiene was. Pre-deployment audit cannot catch this class.
▰ METHOD
PHISHING
PHISHING
Root cause
Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Forensic narrative
Several FTX users were hacked and stolen coins, which 3Commas said was due to phishing websites. In a collaborative investigation conducted by 3Commas and FTX, it was discovered that some API keys were associated with new 3Commas accounts, but the API keys were not obtained from 3Commas, but from outside the 3Commas platform. At the same time, FTX will provide a total of approximately $6 million in compensation to FTX accounts affected by the phishing incident. Attack method (per SlowMist): Phishing attack. Reported loss: $ 6,000,000.
Sourced from
slowmist
Technical record
- chain
- —
- protocol
- FTX & 3Commas
- bug_class
- phishing
- date_occurred
- 2022-10-23
- loss_usd
- $6,000,000
- source_id
- sm:ftx-3commas::2022-10-23
Related — same bug class· phishing