VERDICT —OUT OF SCOPE
Root cause is phishing — victims signed malicious transactions or approvals off-protocol. Contract logic was not the failure surface; user-side wallet hygiene was. Pre-deployment audit cannot catch this class.
▰ METHOD
PHISHING
PHISHING
Root cause
Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Forensic narrative
The official Twitter account of the DeFi platform Shell Protocol on Arbitrum is suspected of being stolen. It posted false news about the application of SHELL tokens and closed the comment area. Please do not interact with it. According to news, this attack seems to be due to the hacking of its founder’s SIM card, resulting in both personal Twitter and Shell Protocol’s Twitter being hacked, and the attacker is the PinkDrainer phishing gang. Attack method (per SlowMist): Account Compromise. Reported loss: -.
Sourced from
slowmist
Technical record
- chain
- arbitrum
- protocol
- Shell Protocol
- bug_class
- phishing
- date_occurred
- 2023-07-19
- loss_usd
- —
- source_id
- sm:shell-protocol::2023-07-19
Related — same bug class· phishing