shield Business Logic Flaw · $182K loss

ATM Hack: How $182K Was Lost in a Business Logic Flaw (2024)

Q: How much did ATM lose?

The ATM exploit in April 2024 resulted in $182,000 in losses — the 47th largest of 188 DeFi incidents that year.

Q: When did the ATM hack happen?

The ATM exploit was recorded on April 1, 2024 — 743 days ago.

Q: What type of exploit hit ATM?

The ATM incident is classified as a Business Logic Flaw. A business-logic bug in the contract — such as an incorrect formula or missing state update — lets the attacker withdraw more than their share.

Q: How common is the Business Logic Flaw pattern seen at ATM?

Our archive contains 144 documented business logic flaw incidents. The ATM incident is one of them.

Q: How does ATM compare to the largest Business Logic Flaw attack?

The largest business logic flaw incident in our archive is - EulerFinance (2023) at $200M. The ATM loss is $182K.

Q: How does the system address the challenge of scalability?

By leveraging blockchain platforms designed for high transaction throughput and integrating off-chain storage solutions.

On April 2024, ATM was exploited in a business logic flaw, resulting in approximately $182K in losses. That makes the ATM exploit the 170th largest DeFi incident out of 690 documented in our archive.

Attack Mechanics: How the ATM Business Logic Flaw Played Out

Exploit Class Applied to ATM

The ATM incident on April 1, 2024 is classified as a Business Logic Flaw. A business-logic bug in the contract — such as an incorrect formula or missing state update — lets the attacker withdraw more than their share. In the full archive, ATM is 1 of 144 documented business logic flaw incidents.

ATM in Context

At $182K, the ATM exploit is a minor (<$1M) event compared to the largest same-class incident in our archive — – EulerFinance (2023) at $200M.

Prior Business Logic Flaw Before ATM

The nearest business logic flaw incident before ATM was LavaLending, 4 days earlier on March 28, 2024 ($340K lost). The same exploit class surfaced again within the business logic flaw attack surface.

Impact & Recovery for ATM

ATM Loss Figure

The ATM exploit caused $182,000 in losses — a minor (<$1M) incident and the 47th largest of 188 documented in 2024.

Where ATM Sits Among Business Logic Flaw Attacks

Ranked by loss size, ATM is the 32nd largest of 144 business logic flaw incidents documented. That puts the ATM loss below the class average of $6.08M.

Timeline Since the ATM Incident

The ATM exploit occurred 2 years ago (743 days). The contract, its fork-block, and the attack transaction remain on-chain and forensically reproducible.

FAQ

How much did ATM lose?

The ATM exploit in April 2024 resulted in $182,000 in losses — the 47th largest of 188 DeFi incidents that year.

When did the ATM hack happen?

The ATM exploit was recorded on April 1, 2024 — 743 days ago.

What type of exploit hit ATM?

The ATM incident is classified as a Business Logic Flaw. A business-logic bug in the contract — such as an incorrect formula or missing state update — lets the attacker withdraw more than their share.

How common is the Business Logic Flaw pattern seen at ATM?

Our archive contains 144 documented business logic flaw incidents. The ATM incident is one of them.

How does ATM compare to the largest Business Logic Flaw attack?

The largest business logic flaw incident in our archive is – EulerFinance (2023) at $200M. The ATM loss is $182K.

How does the system address the challenge of scalability?

By leveraging blockchain platforms designed for high transaction throughput and integrating off-chain storage solutions.

Which model showed superior performance on the test set?

Extra Trees classifier.