Summary
MonoSwap is a decentralized exchange (DEX) and launchpad built on the Blast L2 network that launched in late February 2024. On July 24, 2024, the protocol was compromised via a social engineering attack in which a developer was tricked into installing infostealer malware disguised as a video conferencing app, allowing attackers to drain approximately $1.3 million in staked liquidity. The stolen funds were subsequently laundered through Tornado Cash, and the protocol has remained largely inactive with negligible TVL since the incident.
Connected Entities
2 entitiesTimeline(8 events)
2024-02-01
MonoSwap launches on Blast L2 mainnet coinciding with Blast's mainnet launch
2024-04-01
MonoSwap TVL peaks at approximately $2.8 million
2024-07-23
MonoSwap developer installs counterfeit Kakao video conferencing application (kakaocall[.]kr) during a call with individuals posing as venture capitalists; infostealer malware extracts private keys
2024-07-24
MonoSwap publicly discloses the hack via X (Twitter), advising users not to deposit funds or stake and to withdraw immediately; attackers drain most staked liquidity positions
2024-07-25
SlowMist publishes analysis of kakaocall[.]kr phishing infrastructure; links it to broader coordinated social engineering campaign; same phishing domain found in compromised @OurTinTinLand tweet
2024-07-25
Multiple security outlets confirm approximately $1.3 million in losses laundered through Tornado Cash
2024-07-25
MonoSwap states it is investigating and 'planning refund options'
2026-05-01
MonoSwap V3 TVL remains at approximately $95,000; no evidence of refund program or recovery; protocol effectively dormant
Decision Log
- hash: Ei98RMyTWmdVpJZ5nkyTT2ZK3o2jQa2Mm6DxovHoagW9
This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.
model: claude-sonnet-4-6
generated: 5/4/2026, 2:54:30 AM
last updated: 5/28/2026, 3:34:38 AM
avoid.net — verified advice for a post-truth world