Aztec Connect Exploit Drains $2.1M Three Years After Shutdown
Attacker exploited a proof verification flaw in Aztec Connect, draining over $2.1 million from the defunct protocol.
On June 14, an attacker drained over $2.1 million from Aztec Connect, a privacy-focused DeFi protocol that had been shut down three years earlier. The exploit took advantage of a flaw in the platform's proof verification logic.
Blockchain security firm CertiK flagged the suspicious transaction on social media platform X (formerly Twitter). CertiK noted that the exploit appears to stem from incomplete validation of submitted proofs.
- Attacker stole $2.1 million from Aztec Connect on June 14.
- Exploit originated from a vulnerability in proof verification logic.
- CertiK identified and reported the suspicious activity.
- Aztec Connect had been shut down for three years before the attack.
Aztec Connect was a layer-2 privacy solution on Ethereum that ceased operations in 2023. At its peak, the protocol held over $100 million in total value locked. The incident highlights the ongoing risk of funds remaining in smart contracts long after a project shuts down.