VERDICT —OUT OF SCOPE
Root cause is social engineering — privileged personnel deceived into authorizing the drain. Contract behaved as written. Defense lives in process controls (multi-party approval, M-of-N signoff windows), not in smart-contract review.
▰ METHOD
SOCIAL ENGINEERING
SOCIAL-ENGINEERING
Root cause
Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Forensic narrative
The Blast ecosystem project Munchables was attacked, resulting in a loss of approximately $62.5 million. On the same day, Blast founder Pacman tweeted: "$97m has been secured in a multisig by Blast core contributors. Took an incredible lift in the background but I’m grateful the ex munchables dev opted to return all funds in the end without any ransom required.." Attack method (per SlowMist): Insider Manipulation. Reported loss: $ 62,500,000.
Primary source
https://www.theblockbeats.info/flash/241090 ↗Sourced from
slowmist
Technical record
- chain
- —
- protocol
- Munchables
- bug_class
- social-engineering
- date_occurred
- 2024-03-27
- loss_usd
- $62,500,000
- source_id
- sm:munchables::2024-03-27
Related — same bug class· social-engineering
2026-05-11
1mo ago
SOL
social-engineering
$2.86M
OUT OF SCOPE
2026-04-01
2mo ago
SOL
social-engineering
$286.00M
OUT OF SCOPE
2026-02-23
3mo ago
—
social-engineering
—
OUT OF SCOPE
2025-09-01
9mo ago
BSC
social-engineering
$2.00M
OUT OF SCOPE
2025-07-24
10mo ago
MULTI
social-engineering
$14.00M
OUT OF SCOPE
2025-04-27
1y ago
—
social-engineering
$100.0K
OUT OF SCOPE