VERDICT —OUT OF SCOPE
Root cause is phishing — victims signed malicious transactions or approvals off-protocol. Contract logic was not the failure surface; user-side wallet hygiene was. Pre-deployment audit cannot catch this class.
▰ METHOD
PHISHING
PHISHING
Root cause
Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Forensic narrative
Ether co-founder Vitalik Buterin's Twitter account is suspected to have been hacked and posted a link (actually a phishing link) to a free Proto Danksharding Memorial NFT pickup related to ConsenSys. ZachXBT says the hackers have now stolen $700,000. Upon review, the tweet containing the phishing link has been removed. Attack method (per SlowMist): Account Compromise. Reported loss: $ 700,000.
Primary source
https://www.odaily.news/newsflash/335151?source=share ↗Sourced from
slowmist
Technical record
- chain
- —
- protocol
- Vitalik Buterin
- bug_class
- phishing
- date_occurred
- 2023-09-10
- loss_usd
- $700,000
- source_id
- sm:vitalik-buterin::2023-09-10
Related — same bug class· phishing