The developers of the privacy-oriented Ethereum solution Aztec Network reported an attack on an outdated smart contract, as a result of which the attacker withdrew about $2.1 million.
The incident affected the Aztec Connect platform — a solution for private transactions whose support was discontinued back in 2023. Despite the end of servicing, some funds remained locked in the protocol's infrastructure.
The team assured that the project's active network and users' assets were not affected.
BlockSec experts linked the incident to a mismatch between the verification of transactions and their settlement in Ethereum. Because of differences in how the verification path and the operations logic interpreted the transaction list, the contract could credit value without verification on the L1 blockchain.
The attacker created unbacked balances and withdrew the funds. The attack was carried out across seven assets.
Certik listed among the stolen items: 909 ETH, 270,000 DAI, 167 wstETH and a number of other cryptocurrencies.
Aztec Connect was launched in 2022 as a DeFi bridge. In March 2023, the platform stopped accepting deposits, and the team shifted resources to Aztec Network.
The developers stated that they hold no administrative keys and do not control the system, so they cannot pause or update it.
Recall that in November 2025, the project launched the L2 protocol Ignition Chain on Ethereum, positioning it as «the first fully decentralized layer-two solution».
Source: ForkLog
Новости в мире криптовалют
Random quote about money
"Щедрость доходнее скупости."
Interesting posts in other sections of the blog
* to search the proxy database, just enter a country name, e.g. Russia, USA, Thailand