shield Business Logic Flaw · $33.7K loss

MFT Hack: How $33.7K Was Lost in a Business Logic Flaw (2024)

Q: How much did MFT lose?

The MFT exploit in November 2024 resulted in $33,700 in losses — the 82nd largest of 188 DeFi incidents that year.

Q: When did the MFT hack happen?

The MFT exploit was recorded on November 17, 2024 — 513 days ago.

Q: What type of exploit hit MFT?

The MFT incident is classified as a Business Logic Flaw. A business-logic bug in the contract — such as an incorrect formula or missing state update — lets the attacker withdraw more than their share.

Q: How common is the Business Logic Flaw pattern seen at MFT?

Our archive contains 144 documented business logic flaw incidents. The MFT incident is one of them.

Q: How does MFT compare to the largest Business Logic Flaw attack?

The largest business logic flaw incident in our archive is - EulerFinance (2023) at $200M. The MFT loss is $33.7K.

On November 2024, MFT was exploited in a business logic flaw, resulting in approximately $33.7K in losses. That makes the MFT exploit the 292nd largest DeFi incident out of 690 documented in our archive.

Attack Mechanics: How the MFT Business Logic Flaw Played Out

Exploit Class Applied to MFT

The MFT incident on November 17, 2024 is classified as a Business Logic Flaw. A business-logic bug in the contract — such as an incorrect formula or missing state update — lets the attacker withdraw more than their share. In the full archive, MFT is 1 of 144 documented business logic flaw incidents.

MFT in Context

At $33.7K, the MFT exploit is a minor (<$1M) event compared to the largest same-class incident in our archive — – EulerFinance (2023) at $200M.

Prior Business Logic Flaw Before MFT

The nearest business logic flaw incident before MFT was ChiSale, 10 days earlier on November 7, 2024 ($16.3K lost). The same exploit class surfaced again within the business logic flaw attack surface.

MFT Vulnerability Signature

The primary source categorises the MFT exploit specifically as “Logic Flaw”. This narrower label is entity-specific: it reflects how the MFT contract failed, rather than the broad business logic flaw pattern alone.

Impact & Recovery for MFT

MFT Loss Figure

The MFT exploit caused $33,700 in losses — a minor (<$1M) incident and the 82nd largest of 188 documented in 2024.

Where MFT Sits Among Business Logic Flaw Attacks

Ranked by loss size, MFT is the 57th largest of 144 business logic flaw incidents documented. That puts the MFT loss below the class average of $6.08M.

Timeline Since the MFT Incident

The MFT exploit occurred 1.4 years ago (513 days). The contract, its fork-block, and the attack transaction remain on-chain and forensically reproducible.

Primary Reference for MFT

Public post-mortem / on-chain analysis for the MFT incident: view source.

FAQ

How much did MFT lose?

The MFT exploit in November 2024 resulted in $33,700 in losses — the 82nd largest of 188 DeFi incidents that year.

When did the MFT hack happen?

The MFT exploit was recorded on November 17, 2024 — 513 days ago.

What type of exploit hit MFT?

The MFT incident is classified as a Business Logic Flaw. A business-logic bug in the contract — such as an incorrect formula or missing state update — lets the attacker withdraw more than their share.

How common is the Business Logic Flaw pattern seen at MFT?

Our archive contains 144 documented business logic flaw incidents. The MFT incident is one of them.

How does MFT compare to the largest Business Logic Flaw attack?

The largest business logic flaw incident in our archive is – EulerFinance (2023) at $200M. The MFT loss is $33.7K.

What theory suggests female board members influence CSR positively?

Critical mass theory.

What period does the study cover?

January 2019 to June 2020.