Hope Finance: Insider Exit Scam — Malicious Fake Router Pre-Deployed

Summary #

Hope Finance suffered a Algorithmic Stablecoin (Tomb Fork) on 2023-02-20, resulting in a loss of approximately $2M.

What happened #

Hope Finance's team deployed a fake swap router and configured the protocol to use it (signed by all 3 multisig owners) before launch, then drained $1.86M in WETH and USDC the moment `openTrade()` was first called.

Linked factors #

• RD-F-006 — causal : Audit-deploy gap (RD-F-006 time between audit and deploy) [via dashboard_risk_factors/Exploited code newly deployed/upgraded?: Yes — fresh launch deployment] || Audit-deploy gap — alternate field name [via dashboard_risk_factors/Exploited code newly deployed/upgraded?: Yes — fresh launch deployment]
• RD-F-007 — causal : Direct: bug bounty presence + max payout [via cross-hack: Factor 9: No Bug Bounty Program] || Bug bounty absent — baseline integrity gap [via dashboard_risk_factors/Bug bounty: No]
• RD-F-027 — causal : ★ Single admin EOA — when value mentions key compromise [via realtime_signals/Governance/admin action: Y — the SwapHelper config update was the trigger; signed by all 3 multisig owners]
• RD-F-043 — causal : ★ Admin = deployer EOA + no multisig transfer within 7 days [via cross-hack: Factor 24: Retained Developer Admin Role Post-Deployment]
• RD-F-101 — illustrative : Large governance proposal queued — RT signal would have fired [via realtime_signals/Governance/admin action: Y — the SwapHelper config update was the trigger; signed by all 3 multisig owners]
• RD-F-126 — causal : Is-a-fork-of (Cat 8 anchor) [via dashboard_risk_factors/Forked?: Yes (Tomb fork / algorithmic stablecoin template)]
• RD-F-146 — related : New deploys in last 30 days — fresh attack surface [via dashboard_risk_factors/Exploited code newly deployed/upgraded?: Yes — fresh launch deployment]