On April 2024, NGFS was exploited in a access control, resulting in approximately $190K in losses. That makes the NGFS exploit the 168th largest DeFi incident out of 690 documented in our archive.
Attack Mechanics: How the NGFS Access Control Played Out
Exploit Class Applied to NGFS
The NGFS incident on April 25, 2024 is classified as a Access Control. A privileged function lacks a proper authorisation check, letting an unauthorised caller execute it. In the full archive, NGFS is 1 of 77 documented access control incidents.
NGFS in Context
At $190K, the NGFS exploit is a minor (<$1M) event compared to the largest same-class incident in our archive — Corkprotocol (2025) at $12M.
Prior Access Control Before NGFS
The nearest access control incident before NGFS was GROKD, 13 days earlier on April 12, 2024. The same exploit class surfaced again within the access control attack surface.
NGFS Vulnerability Signature
The primary source categorises the NGFS exploit specifically as “Bad Access Control”. This narrower label is entity-specific: it reflects how the NGFS contract failed, rather than the broad access control pattern alone.
Impact & Recovery for NGFS
NGFS Loss Figure
The NGFS exploit caused $190,000 in losses — a minor (<$1M) incident and the 46th largest of 188 documented in 2024. This single incident represents 0.1% of all tracked losses that year.
Where NGFS Sits Among Access Control Attacks
Ranked by loss size, NGFS is the 17th largest of 77 access control incidents documented. That puts the NGFS loss below the class average of $636K.
Timeline Since the NGFS Incident
The NGFS exploit occurred 2 years ago (719 days). The contract, its fork-block, and the attack transaction remain on-chain and forensically reproducible.
Primary Reference for NGFS
Public post-mortem / on-chain analysis for the NGFS incident: view source.
FAQ
How much did NGFS lose?
The NGFS exploit in April 2024 resulted in $190,000 in losses — the 46th largest of 188 DeFi incidents that year.
When did the NGFS hack happen?
The NGFS exploit was recorded on April 25, 2024 — 719 days ago.
What type of exploit hit NGFS?
The NGFS incident is classified as a Access Control. A privileged function lacks a proper authorisation check, letting an unauthorised caller execute it.
How common is the Access Control pattern seen at NGFS?
Our archive contains 77 documented access control incidents. The NGFS incident is one of them.
How does NGFS compare to the largest Access Control attack?
The largest access control incident in our archive is Corkprotocol (2025) at $12M. The NGFS loss is $190K.
What cryptocurrencies are the focus of the study's analysis?
The study focuses on analyzing the trading performance of Bitcoin and Ethereum using Bollinger Bands trading strategy (BBTS).
How does the study assess model performance?
Model performance was assessed using various metrics including AIC, BIC, MSE, and QLIKE, supplemented by comprehensive residual diagnostics.