← back to feed·MULTIACCESS-CONTROL2024-10-31 · 1y ago

Incident · DEFILLAMA

M2 Exchange

Access Control Exploit

Estimated loss

$13.70M

VERDICT —UNRATED

Verdict pending. Auto-ingested incidents are reviewed before a public verdict is rendered.

▰ METHOD

Access Control Exploit

ACCESS-CONTROLBYTECODE CATCHABLE →AI SCANNABLE →

Root cause

Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.

Forensic narrative

Classification: Protocol Logic. Technique: Access Control Exploit. Target type: CEX. Affected chains: Ethereum, Solana, Bitcoin.

Sourced from

DefiLlama Hacks dataset · api.llama.fi/hacks

Technical record

chain: multichain
protocol: M2 Exchange
bug_class: access-control
date_occurred: 2024-10-31
loss_usd: $13,700,000
classification: Protocol Logic
technique: Access Control Exploit
target_type: CEX
source_id: dl:adhoc:m2-exchange:1730332800

Related — same bug class· access-control

2026-05-13

27d ago

ARB

ShapeShift FOX Colony (Colony Network)

executeMetaTransaction → resolver-repoint via setTarget → delegatecall drain

Uniswap V4 hook-contract logic exploit

Contract Vulnerability

Huma Finance V1 (deprecated)

refreshAccount() unconditional GoodStanding state flip → unauthorized drawdown

Unprotected Initializer Exploit

Contract Vulnerability

access-control

$209.0K

UNRATED