ChainBleedv0.1 · open intel
← back to feed·ACCESS-CONTROL2023-11-19 · 2y ago
Incident · SLOWMIST

Kronos Research

API Key Attack
Estimated loss
$26.00M
VERDICT —UNRATED
Verdict pending. Auto-ingested incidents are reviewed before a public verdict is rendered.
▰ METHOD
ACCESS CONTROL
ACCESS-CONTROLBYTECODE CATCHABLEAI SCANNABLE
Root cause

Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.

Forensic narrative

Crypto quantization company Kronos Research tweeted that they experienced unauthorized access of some of their API keys. Attack method (per SlowMist): API Key Attack. Reported loss: $ 26,000,000.

Primary source
https://twitter.com/ResearchKronos/status/1726013733888041376
Sourced from
slowmist
Technical record
chain
protocol
Kronos Research
bug_class
access-control
date_occurred
2023-11-19
loss_usd
$26,000,000
source_id
sm:kronos-research::2023-11-19
Related — same bug class· access-control
2026-05-13
28d ago
ARB
ShapeShift FOX Colony (Colony Network)
executeMetaTransaction → resolver-repoint via setTarget → delegatecall drain
access-control
$132.7K
AUDIT-CATCHABLE
2026-05-12
28d ago
ETH
BoostHook
Uniswap V4 hook-contract logic exploit
access-control
$47.5K
UNRATED
2026-05-12
29d ago
Aurellion Labs
Contract Vulnerability
access-control
$455.0K
UNRATED
2026-05-11
29d ago
POLY
Huma Finance V1 (deprecated)
refreshAccount() unconditional GoodStanding state flip → unauthorized drawdown
access-control
$101.4K
AUDIT-CATCHABLE
2026-05-10
1mo ago
ARB
Renegade
Unprotected Initializer Exploit
access-control
$209.0K
UNRATED
2026-05-10
1mo ago
ARB
Renegade
Contract Vulnerability
access-control
$209.0K
UNRATED
ChainBleed — live web3 threat intelligence