Aztec Connect exploited for $2.1M after deprecated contract targeted

Created at 15 Jun · 4:51 AM1 source↑ Market-relevant

IN SHORT

An attacker exploited a verification function in Aztec Connect's immutable smart contract, draining approximately $2.1 million in various cryptocurrencies. The incident highlights the risks associated with abandoned DeFi protocols, as the contract had been deprecated since March 2023.

Key Numbers

$2.1 millioncrypto stolen from Aztec Connect

909 ETHEther stolen

270,000 DAIDai stolen

March 2023Aztec Connect deprecated

Who's Involved

Aztec Labs

Investigating the exploit affecting Aztec Connect

BlockSec

Crypto security firm detailing the exploit mechanism

Param

Crypto developer commenting on immutable contracts

↳ Why This Matters

This exploit highlights the persistent security risks associated with deprecated DeFi protocols and immutable smart contracts, demonstrating that even abandoned platforms can be targeted, leading to significant financial losses and underscoring the need for ongoing vigilance in the cryptocurrency space.

Key facts

An attacker exploited Aztec Connect's smart contract, draining approximately $2.1 million in crypto assets.
The exploit targeted a verification function, exploiting a mismatch in how transactions were verified and settled.
The attacker created unbacked balances by manipulating the contract's interpretation of transaction lists.
The stolen assets included 909 Ether, 270,000 Dai, and wrapped staked ETH.
Aztec Connect was a deprecated DeFi platform, with its smart contract becoming immutable after March 2023.
The incident did not affect users or assets on the current Aztec Network.

Aztec Connect, a previously used decentralized finance platform, suffered an exploit resulting in the loss of approximately $2.1 million in cryptocurrency. The incident occurred on Sunday when an attacker leveraged a vulnerability in the platform's verification function within its immutable smart contract.

↳ Why This Matters

Key facts

An attacker exploited Aztec Connect's smart contract, draining approximately $2.1 million in crypto assets.

The exploit targeted a verification function, exploiting a mismatch in how transactions were verified and settled.

The attacker created unbacked balances by manipulating the contract's interpretation of transaction lists.

The stolen assets included 909 Ether, 270,000 Dai, and wrapped staked ETH.

Aztec Connect was a deprecated DeFi platform, with its smart contract becoming immutable after March 2023.

The incident did not affect users or assets on the current Aztec Network.

Aztec Connect exploited for $2.1M after deprecated contract targeted

Key Numbers

Who's Involved

↳ Why This Matters

Key facts

Aztec Connect exploited for $2.1M after deprecated contract targeted

Key Numbers

Who's Involved

↳ Why This Matters

Key facts

Frequently asked questions

What Happens Next

Get the newsletter.

How It Developed

Sources

Related Stories

Aztec Connect exploited for $2.1M after deprecated contract targeted

PiQ Daily

Key Numbers

Who's Involved

↳ Why This Matters

Key facts

Aztec Connect exploited for $2.1M after deprecated contract targeted

PiQ Daily

Key Numbers

Who's Involved

↳ Why This Matters

Key facts

Frequently asked questions

+ What is Aztec Connect?

+ How was the $2.1 million stolen?

+ Did this affect the current Aztec Network?

+ Can Aztec Labs recover the funds or pause the contract?

What Happens Next

Get the newsletter.

How It Developed

Sources

Related Stories