VERDICT —OUT OF SCOPE
Root cause is infrastructure (DNS / cloud / database / third-party API) compromise, not on-chain contract logic. Pre-deployment source review would not surface this; coverage lives in cloud-security + supply-chain audit, separate discipline.
▰ METHOD
INFRASTRUCTURE
INFRASTRUCTURE
Root cause
Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Forensic narrative
According to the official release, the MM.finance website was hit by a DNS attack, and the attacker managed to inject malicious contract addresses into the front-end code. The attacker exploited the DNS vulnerability to modify the router contract address in the escrow file, and digital assets worth more than $2,000,000 were stolen, bridged to the Ethereum network through multi-chain, and then laundered through Tornado Cash. Attack method (per SlowMist): DNS Attack. Reported loss: $ 2,000,000.
Sourced from
slowmist
Technical record
- chain
- ethereum
- protocol
- MM.finance
- bug_class
- infrastructure
- date_occurred
- 2022-05-04
- loss_usd
- $2,000,000
- source_id
- sm:mm-finance::2022-05-04
Related — same bug class· infrastructure