shield Business Logic Flaw · $28K loss

YYStoken Hack: How $28K Was Lost in a Business Logic Flaw (2024)

Q: How much did YYStoken lose?

The YYStoken exploit in June 2024 resulted in $28,000 in losses — the 86th largest of 188 DeFi incidents that year.

Q: When did the YYStoken hack happen?

The YYStoken exploit was recorded on June 8, 2024 — 675 days ago.

Q: What type of exploit hit YYStoken?

The YYStoken incident is classified as a Business Logic Flaw. A business-logic bug in the contract — such as an incorrect formula or missing state update — lets the attacker withdraw more than their share.

Q: How common is the Business Logic Flaw pattern seen at YYStoken?

Our archive contains 144 documented business logic flaw incidents. The YYStoken incident is one of them.

Q: How does YYStoken compare to the largest Business Logic Flaw attack?

The largest business logic flaw incident in our archive is - EulerFinance (2023) at $200M. The YYStoken loss is $28K.

Q: What challenges are highlighted in the quest for a more effective e-business framework?

Advantages are counterbalanced by limitations, and there are difficulties to be overcome.

Q: What types of data are used as input for the prediction models?

Social data from Twitter and market data.

On June 2024, YYStoken was exploited in a business logic flaw, resulting in approximately $28K in losses. That makes the YYStoken exploit the 307th largest DeFi incident out of 690 documented in our archive.

Attack Mechanics: How the YYStoken Business Logic Flaw Played Out

Exploit Class Applied to YYStoken

The YYStoken incident on June 8, 2024 is classified as a Business Logic Flaw. A business-logic bug in the contract — such as an incorrect formula or missing state update — lets the attacker withdraw more than their share. In the full archive, YYStoken is 1 of 144 documented business logic flaw incidents.

YYStoken in Context

At $28K, the YYStoken exploit is a minor (<$1M) event compared to the largest same-class incident in our archive — – EulerFinance (2023) at $200M.

Prior Business Logic Flaw Before YYStoken

The nearest business logic flaw incident before YYStoken was MineSTM, 2 days earlier on June 6, 2024 ($13.8K lost). The same exploit class surfaced again within the business logic flaw attack surface.

Impact & Recovery for YYStoken

YYStoken Loss Figure

The YYStoken exploit caused $28,000 in losses — a minor (<$1M) incident and the 86th largest of 188 documented in 2024.

Where YYStoken Sits Among Business Logic Flaw Attacks

Ranked by loss size, YYStoken is the 61st largest of 144 business logic flaw incidents documented. That puts the YYStoken loss below the class average of $6.08M.

Timeline Since the YYStoken Incident

The YYStoken exploit occurred 1.8 years ago (675 days). The contract, its fork-block, and the attack transaction remain on-chain and forensically reproducible.

FAQ

How much did YYStoken lose?

The YYStoken exploit in June 2024 resulted in $28,000 in losses — the 86th largest of 188 DeFi incidents that year.

When did the YYStoken hack happen?

The YYStoken exploit was recorded on June 8, 2024 — 675 days ago.

What type of exploit hit YYStoken?

The YYStoken incident is classified as a Business Logic Flaw. A business-logic bug in the contract — such as an incorrect formula or missing state update — lets the attacker withdraw more than their share.

How common is the Business Logic Flaw pattern seen at YYStoken?

Our archive contains 144 documented business logic flaw incidents. The YYStoken incident is one of them.

How does YYStoken compare to the largest Business Logic Flaw attack?

The largest business logic flaw incident in our archive is – EulerFinance (2023) at $200M. The YYStoken loss is $28K.

What challenges are highlighted in the quest for a more effective e-business framework?

Advantages are counterbalanced by limitations, and there are difficulties to be overcome.

What types of data are used as input for the prediction models?

Social data from Twitter and market data.