concentricfi.md

ConcentricFi

Amount Stolen: $1,720,000 (715.7 ETH)

Date: January 22nd, 2024

Tags: 🎙️ Contagious Interview

---

Details

The project suffered a severe security breach due to a targeted social engineering attack on one of the team members holding the deployer wallet.

The attacker compromised the private key for the protocol's deployer account and used it to upgrade the vaults, mint new LP tokens, and subsequently drain the vaults of their assets.

On-chain

• 0xeaf6e2a3d22a9775a1cc692b207b7d8dd6a4944c - ConcentricFi Compromised ConcentricFi Deployer
• 0x3f06d41f7a7b0fce0b4cd201fa6a207363a2317d - ConcentricFi Malicious, Ownership Transfered Here
• 0xc586e4b2f00ce6405741104f7394ff3df15850d3 - ConcentricFi Malicious Admin Contract
• 0x5a58d1a81c73dc5f1d56ba41e413ee5288c65d7f - ConcentricFi Malicious Contract Deployer
• 0x105f52fcC329cEF4CBe25BC946f8a3738414E4A1 - ConcentricFi Attacker 1
• 0xc62A25462A61f02EBAB35Cd39C5E9651426e760b - ConcentricFi Attacker 2
• 0xFD681A9aA555391Ef772C53144db8404AEC76030 - ConcentricFi Primary Theft 1 ($740k)
• 0x1F14E38666cDd8e8975f9acC09e24E9a28fbC42d - ConcentricFi Primary Theft 2 + OKX Dex Exploiter ($740k)
• 0x17865c33e40814d691663bC292b2F77000f94c34 - ConcentricFi Primary Theft 3 ($285k)
• 0x5c0E945Fc1c83D8d10E9c6366E2cBC5241532AEc - ConcentricFi Primary Theft 4
• 0x4d1ea27e41af286a0885fd1855e0cab94ea43f9b - ConcentricFi Laundry 1.1
• 0xeb69b2c6b99dbb3945e71a2a3b2fbb4099f435d6 - ConcentricFi Laundry 1.2 (BSC)
• 0xf8470420b558b2e8d3aaacc12916d8abe70bdb13 - ConcentricFi Laundry 1.3
• 0x09d755832c2ea9c46595a807a5e521db0140dc97 - ConcentricFi Laundry 1.4
• 0x9b9dd763096faaf4f2fdb3057bdf478e6707f8a7 - ConcentricFi Laundry 1.5
• 0x35d0f6a4bbdd035c5371692c90397aaad78cc9c3 - ConcentricFi Laundry 1.6
• 0xa1804fd8757f2fa2f98169805bbe8add70688b2c - ConcentricFi Laundry 3.1
• 0x429e9446fec36d0bd91a84637f876d98a663bb3f - ConcentricFi Laundry 3.2 (ETH, from Arbi)
• 0xf0489360bd2c60964ebbc62dce4d9bc9795ab328 - ConcentricFi Laundry 3.3, to DeFiWay (ETH)
• 0xb26aaaad941d37a8848966d4e28171bda786d5ca - ConcentricFi to Defiway
• 0x232b1f770e7637f2656ce08ed42ec6fb4c84590e - ConcentricFi Dust from 0xb26aaaad941d37a8848966d4e28171bda786d5ca
• 0x38be86d46c8b8fba115f26231581ff3291bd7122 - ConcentricFi Dust from 0x35d0f6a4bbdd035c5371692c90397aaad78cc9c3

Transfers Ownership:

• https://arbiscan.io/tx/0xd9036566a2614045219e9bead34e490fc24c9d6ca695d5348b694c3280558e3b

URLs

• https://twitter.com/CertiKAlert/status/1749424309552963754

• https://twitter.com/PeckShieldAlert/status/1749416043297337363

• https://twitter.com/CryptoEvgen/status/1760445908615823713

• https://twitter.com/ImmuneBytes/status/1749728382525599871

Connections

• Overlaps with OKX DEX

• 0x1f14e38666cdd8e8975f9acc09e24e9a28fbc42d (OKX DEX Exploiter) sends to 0xfd681a9aa555391ef772c53144db8404aec76030 (ConcentricFi) in txn: 0xacd1ba5bf5df47f713546a35afb94221d28665661e8be8598641eb05f68428f6