VERDICT —OUT OF SCOPE
Root cause is infrastructure (DNS / cloud / database / third-party API) compromise, not on-chain contract logic. Pre-deployment source review would not surface this; coverage lives in cloud-security + supply-chain audit, separate discipline.
▰ METHOD
INFRASTRUCTURE
INFRASTRUCTURE
Root cause
Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Forensic narrative
Decentralized exchange Quickswap has come under attack for a vulnerability in its hosting provider GoDaddy. The hijackers gained access to QuickSwap's DNS through a vulnerability in GoDaddy, where QuickSwap domains were hosted. Some DEX users lost around $107,600 through platform swaps before QuickSwap was able to regain control of our domain. Attack method (per SlowMist): DNS Hijacking Attack. Reported loss: $ 107,600.
Sourced from
slowmist
Technical record
- chain
- —
- protocol
- Quickswap
- bug_class
- infrastructure
- date_occurred
- 2022-05-14
- loss_usd
- $107,600
- source_id
- sm:quickswap::2022-05-14
Related — same bug class· infrastructure