ChainBleedv0.1 · open intel
← back to feed·LOGIC2025-05-30 · 1y ago
Incident · SLOWMIST

Malda

Contract Vulnerability
Estimated loss
$285.0K
VERDICT —UNRATED
Verdict pending. Auto-ingested incidents are reviewed before a public verdict is rendered.
▰ METHOD
LOGIC
LOGICBYTECODE CATCHABLEAI SCANNABLE
Root cause

Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.

Forensic narrative

The vulnerability originated in the Migrator.sol contract. The contract allowed the Mendi Comptroller address to be passed dynamically, rather than being hardcoded. This enabled the attacker to supply their own malicious Comptroller, mint a synthetic position on Malda, and withdraw approximately $285,000. Attack method (per SlowMist): Contract Vulnerability. Reported loss: $ 285,000.

Primary source
https://mirror.xyz/0x4Da818DD3aAfb9D042a76B5037cdBa61533C7692/yhFSyxCImJ23OD00vb2GQ0JmbcBkX2CO4V2t_29ykIA
Sourced from
slowmist
Technical record
chain
protocol
Malda
bug_class
logic
date_occurred
2025-05-30
loss_usd
$285,000
source_id
sm:malda::2025-05-30
Related — same bug class· logic
2026-05-13
28d ago
TRON
Transit Finance
Deprecated Smart Contract Exploit
logic
$1.88M
UNRATED
2026-05-13
28d ago
ETH
TAC Cross-Chain Layer (TON Side)
Contract Vulnerability
logic
$2.80M
UNRATED
2026-05-13
28d ago
ETH
Transit Finance
Contract Vulnerability
logic
$1.88M
UNRATED
2026-05-12
29d ago
ARB
Aurellion
Uninitialized Proxy Exploit
logic
$456.0K
UNRATED
2026-05-12
29d ago
BSC
SQ Protocol
Acces Control Exploit
logic
$346.0K
UNRATED
2026-05-12
29d ago
BSC
SQ Protocol
Contract Vulnerability
logic
$346.1K
UNRATED
ChainBleed — live web3 threat intelligence