shield Business Logic Flaw · $59K loss

INcufi Hack: How $59K Was Lost in a Business Logic Flaw (2024)

Q: How much did INcufi lose?

The INcufi exploit in June 2024 resulted in $59,000 in losses — the 72nd largest of 188 DeFi incidents that year.

Q: When did the INcufi hack happen?

The INcufi exploit was recorded on June 18, 2024 — 665 days ago.

Q: What type of exploit hit INcufi?

The INcufi incident is classified as a Business Logic Flaw. A business-logic bug in the contract — such as an incorrect formula or missing state update — lets the attacker withdraw more than their share.

Q: How common is the Business Logic Flaw pattern seen at INcufi?

Our archive contains 144 documented business logic flaw incidents. The INcufi incident is one of them.

Q: How does INcufi compare to the largest Business Logic Flaw attack?

The largest business logic flaw incident in our archive is - EulerFinance (2023) at $200M. The INcufi loss is $59K.

Q: What challenges in implementing Blockchain technology in tourism does the study highlight?

The need for careful planning and overcoming potential technological and regulatory hurdles.

Q: What blockchain model is preferred for internal company use according to the document?

Private blockchains are preferred for internal use, limiting access to company members.

On June 2024, INcufi was exploited in a business logic flaw, resulting in approximately $59K in losses. That makes the INcufi exploit the 258th largest DeFi incident out of 690 documented in our archive.

Attack Mechanics: How the INcufi Business Logic Flaw Played Out

Exploit Class Applied to INcufi

The INcufi incident on June 18, 2024 is classified as a Business Logic Flaw. A business-logic bug in the contract — such as an incorrect formula or missing state update — lets the attacker withdraw more than their share. In the full archive, INcufi is 1 of 144 documented business logic flaw incidents.

INcufi in Context

At $59K, the INcufi exploit is a minor (<$1M) event compared to the largest same-class incident in our archive — – EulerFinance (2023) at $200M.

Prior Business Logic Flaw Before INcufi

The nearest business logic flaw incident before INcufi was Dyson_money, 1 day earlier on June 17, 2024. The same exploit class surfaced again within the business logic flaw attack surface.

Impact & Recovery for INcufi

INcufi Loss Figure

The INcufi exploit caused $59,000 in losses — a minor (<$1M) incident and the 72nd largest of 188 documented in 2024.

Where INcufi Sits Among Business Logic Flaw Attacks

Ranked by loss size, INcufi is the 46th largest of 144 business logic flaw incidents documented. That puts the INcufi loss below the class average of $6.08M.

Timeline Since the INcufi Incident

The INcufi exploit occurred 1.8 years ago (665 days). The contract, its fork-block, and the attack transaction remain on-chain and forensically reproducible.

FAQ

How much did INcufi lose?

The INcufi exploit in June 2024 resulted in $59,000 in losses — the 72nd largest of 188 DeFi incidents that year.

When did the INcufi hack happen?

The INcufi exploit was recorded on June 18, 2024 — 665 days ago.

What type of exploit hit INcufi?

The INcufi incident is classified as a Business Logic Flaw. A business-logic bug in the contract — such as an incorrect formula or missing state update — lets the attacker withdraw more than their share.

How common is the Business Logic Flaw pattern seen at INcufi?

Our archive contains 144 documented business logic flaw incidents. The INcufi incident is one of them.

How does INcufi compare to the largest Business Logic Flaw attack?

The largest business logic flaw incident in our archive is – EulerFinance (2023) at $200M. The INcufi loss is $59K.

What challenges in implementing Blockchain technology in tourism does the study highlight?

The need for careful planning and overcoming potential technological and regulatory hurdles.

What blockchain model is preferred for internal company use according to the document?

Private blockchains are preferred for internal use, limiting access to company members.