Decentralized finance protocol Makina Finance is under scrutiny after a suspected smart contract exploit resulted in approximately $5 million in losses from one of its stablecoin liquidity pools. The incident highlights ongoing security risks facing DeFi platforms despite growing institutional participation.
Blockchain security analysts reported that the exploit was carried out using a $280 million USDC flash loan, allowing the attacker to temporarily access large liquidity without upfront collateral. A significant portion of the borrowed funds was used to manipulate the on-chain pricing oracle, creating artificial conditions that enabled assets to be drained from the DUSD/USDC stablecoin pool.
Investigators detailed that about $170 million was deployed to distort oracle pricing, while the remaining amount was traded against a pool holding roughly $5 million in liquidity, effectively emptying it. Estimates of the total loss vary slightly across security firms, ranging between $4.1 million and $5.1 million.
Following the exploit, a large share of the funds was reportedly captured by an MEV builder, leaving the remaining balance spread across two blockchain addresses. The protocol has not formally confirmed the exploit, stating only that it is verifying reports of a potential incident and that the issue appears limited to specific liquidity provider positions.
This event adds to a year already marked by billions of dollars in crypto-related theft, reinforcing concerns around oracle design, flash loan resistance, and risk management across DeFi infrastructure.
Disclaimer
This content is for informational purposes only and does not constitute financial, investment, or legal advice. Cryptocurrency trading involves risk and may result in financial loss.