VERDICT —UNRATED
Verdict pending. Auto-ingested incidents are reviewed before a public verdict is rendered.
▰ METHOD
Undisclosed
Root cause
Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Forensic narrative
The DeFi project YFValue (YFV) officially released an announcement stating that the team found a loophole in the YFV pledge pool yesterday, and malicious participants used the vulnerability to reset the YFV timer in the pledge separately. There is a risk of being locked in $170 million in funds. Currently, a malicious participant is trying to blackmail the team using this vulnerability. Attack method (per SlowMist): Staking Pool Vulnerability. Reported loss: $ 170,000,000.
Sourced from
slowmist
Technical record
- chain
- —
- protocol
- YFValue
- bug_class
- unknown
- date_occurred
- 2020-08-24
- loss_usd
- $170,000,000
- source_id
- sm:yfvalue::2020-08-24
Related — same bug class