Access Control

Postmortem: CGT Access Control, March 2024

In March 2024, CGT suffered an access control exploit, the first of 77 documented access control incidents in our archive where the loss figure was not publicly disclosed but the exploit pattern is documented below.

Attack Mechanics: How the CGT Access Control Played Out

Exploit Class Applied to CGT

The CGT incident on March 23, 2024 is classified as an Access Control exploit. A privileged function lacks a proper authorisation check, letting an unauthorised caller execute it. In the full archive, CGT is 1 of 77 documented access control incidents.

CGT in Context

The CGT incident joins a class whose largest loss to date is Corkprotocol (2025) at $12M.

Prior Access Control Before CGT

The nearest access control incident before CGT was Paraswap, 3 days earlier on March 20, 2024 ($24K lost). The same exploit class surfaced again within the access control attack surface.

CGT Vulnerability Signature

The primary source categorises the CGT exploit specifically as “Incorrect Access Control”. This narrower label is entity-specific: it reflects how the CGT contract failed, rather than the broad access control pattern alone.

Impact & Recovery for CGT

CGT Loss Figure

The loss figure for CGT is not publicly disclosed. The primary source reports the exploit in non-USD terms, so no USD estimate is published here. For reference, the average loss across 77 access control incidents in our archive is $636K.

Timeline Since the CGT Incident

The CGT exploit occurred 2.1 years ago (752 days). The contract, its fork-block, and the attack transaction remain on-chain and forensically reproducible.

Primary Reference for CGT

Public post-mortem / on-chain analysis for the CGT incident: view source.

FAQ

How much did CGT lose?

The CGT loss figure is not publicly disclosed. The primary source reports the exploit in non-USD token terms, so no USD estimate is published here.

When did the CGT hack happen?

The CGT exploit was recorded on March 23, 2024 — 752 days ago.

What type of exploit hit CGT?

The CGT incident is classified as an Access Control exploit. A privileged function lacks a proper authorisation check, letting an unauthorised caller execute it.

How common is the Access Control pattern seen at CGT?

Our archive contains 77 documented access control incidents. The CGT incident is one of them.

How does CGT compare to the largest Access Control attack?

The largest access control incident in our archive is Corkprotocol (2025) at $12M. The CGT loss was not publicly disclosed.
