Concentric attributed its January 2024 breach to a targeted social engineering attack in which a fake recruiter persuaded a team member to install malware during a supposed skills assessment. The compromise exposed the deployer wallet, allowing the attacker to transfer ownership of ConeCamelotFactory, upgrade vault implementations, and add an admin mint function used to drain assets from the vaults. Concentric reported 715.7 ETH in losses, worth about $1.7 million, with funds distributed across three wallets including one tagged as OKX Exploiter 2. The team said it was working with security experts, blockchain analytics providers, exchanges, and authorities to trace the funds and offered a $100,000 reward for recovery leads.