Aztec Connect, the deprecated DeFi platform owned by Aztec Labs, suffered a $2.1 million crypto theft after an attacker exploited its verification function on Sunday.
Exploit Details
BlockSec identified a mismatch between the platform’s transaction verification and settlement logic on Ethereum. The attacker manipulated the verification path, allowing transactions to be credited without proper validation on the blockchain. By creating unbacked balances, the hacker withdrew assets seven times across seven different tokens.
Assets Stolen
The breach resulted in the loss of 909 Ether (ETH) and 270,000 Dai, together worth roughly $2.1 million at current market prices. The stolen Ether and Dai were transferred from the Aztec Connect smart contract, a move that did not affect users or assets on the active Aztec network.
DeFi Theft Context
According to DeFiLlama, the incident adds to a month‑long series of attacks that have drained $44 million from at least 12 platforms. The largest June exploit involved the Humanity Protocol, where $30 million vanished on June 8, followed by an $8 million loss from the Syscoin Bridge on June 7 due to a fake proof exploit. Investors remain wary as multiple high‑value breaches continue to erode confidence in decentralized finance.