close
Cryip
  • Home
  • News
  • Research & Analysis
  • Reviews & Comparisons
  • Learn Crypto
  • Features
  • Events
No Result
View All Result
Cryip
  • Home
  • News
  • Research & Analysis
  • Reviews & Comparisons
  • Learn Crypto
  • Features
  • Events
No Result
View All Result
Cryip
No Result
View All Result
Home News Security & Hacks

Aztec Connect Exploit Drains $2.19M From Deprecated Protocol, Aztec Network Safe

A flaw in Aztec Connect's legacy RollupProcessorV3 contract allowed an attacker to bypass validation checks and withdraw over $2.19 million in ETH, DAI, and other assets from the deprecated protocol.

Saravana Kumar Mahendran by Saravana Kumar Mahendran
June 15, 2026 - Updated on June 16, 2026
in Security & Hacks
0 0
Aztec Connect Exploit Drains $2.19M From Deprecated Protocol, Aztec Network Safe

Created By cryip

Share on FacebookShare on Twitter
MakeCryipCryippreferred onGoogle

Aztec Labs has confirmed that an attacker exploited a vulnerability in its long-deprecated Aztec Connect protocol on Ethereum, draining approximately $2.19 million worth of digital assets on June 14, 2026.The incident occurred at approximately 12:26 UTC (block 25,315,715). The attacker, operating from the externally owned address 0x0f18…edd17 (previously funded via Tornado Cash), targeted the RollupProcessorV3 contract. The exploit comes amid a broader rise in smart contract attacks across the industry. Earlier this month, attackers exploited a hidden swap loophole in the ATM Token protocol on BNB Chain, resulting in the loss of approximately $243,500 and raising fresh concerns about overlooked contract vulnerabilities.

In a single sophisticated transaction, the exploiter executed unauthorized operations and withdrew 908.99 ETH (~$1.565 million), 270,513 DAI, 167.89 wstETH (~$357,000), along with smaller amounts of yvDAI, yvWETH, LUSD, and yvLUSD. Aztec Labs issued an official statement confirming the exploit and stressing that the affected system is completely separate from its current network. Security researchers responded rapidly CertiK flagged the suspicious transaction around 13:52 UTC.

We are investigating a potential exploit affecting Aztec Connect. ~$2.1m was transferred from the immutable smart contract in transaction:https://t.co/5WrfeR8bbJ

Aztec Connect was deprecated 3 years ago. Aztec Labs holds no admin keys or control over the system; it cannot be…

— Aztec Labs (@AztecLabs_) June 14, 2026

According to security analyses, the root cause was a critical mismatch in the processRollup() function of the RollupProcessorV3 contract. The zero-knowledge proof verification logic and the Layer-1 settlement logic handled transaction data differently. This allowed the attacker to craft a malicious rollup proof using the numRealTxs parameter mismatch, inserting unbacked balances and bypassing deposit, signature, and withdrawal validations. The attacker reportedly used 14 batched rollup IDs (13277 to 13290) to extract funds from the Aztec Connect Router contract. The immutable and unpausable nature of the deprecated contract made the proof validation bypass possible.

Similar security weaknesses have recently been observed elsewhere in the DeFi sector. In a separate incident on Solana, an exploit involving dormant Raydium AMM V3 liquidity pools enabled attackers to manipulate abandoned pools and extract more than $1.34 million in assets.

Related Story

Ethereum User Loses Nearly $1 Million USDT in Phishing Token Approval Exploit

Phishing Approval Drains 999K USDT From Ethereum Wallet

July 9, 2026
Ctrl Wallet to Permanently Shut Down

Ctrl Wallet to Permanently Shut Down on August 3 After Cardano Security Exploit

July 7, 2026

The attack was executed through a specially crafted rollup submission that passed zk-proof verification while manipulating the transaction count processed by the settlement logic. As a result, the contract recognized balances that were never legitimately deposited, enabling the attacker to mint and withdraw assets from the protocol. The fraudulent rollup was finalized on-chain, after which the attacker transferred the extracted funds to attacker-controlled addresses through a series of transactions originating from the exploit transaction 0x074ec9…eeb1. The transaction effectively served as the entry point for the malicious rollup, triggering the proof-validation bypass and initiating the unauthorized fund withdrawals.

In its official statement on June 14, Aztec Labs clarified:

“Aztec Connect was deprecated 3 years ago. Aztec Labs holds no admin keys or control over the system; it cannot be paused or upgraded by us.”

The team strongly emphasized that this exploit has zero impact on the current Aztec Network, its active smart contracts, or the AZTEC token. Users were reminded that they had been advised multiple times in the past to withdraw funds from the legacy system.

AZTEC token
AZTEC token

The exploit has had minimal impact on the AZTEC token. According to CoinMarketCap, as of June 15, 2026, 05:33 AM UTC, AZTEC is trading at approximately $0.01586, with a 24-hour price increase of around 5.1% – 5.3%. The token reached a 24-hour high of $0.01711 and a low of $0.01584.

This incident is the latest example of attacks on “zombie contracts”, abandoned yet still funded legacy protocols that remain vulnerable long after official deprecation. Aztec Connect, originally launched in 2022 as a privacy-focused zk-rollup bridge, was deprecated in 2023. By 2024, all administrative controls had been relinquished.The event underscores key challenges in the blockchain space: ensuring complete end-to-end verification between proof systems and on-chain logic, maintaining rigorous security standards even for legacy upgrades, and executing clean deprecation with full fund migration.

The risks are not limited to legacy bridge protocols. Recent incidents such as the StablR exploit, which resulted in the unauthorized minting of millions of USDR and EURR tokens, demonstrate how flaws in token issuance and validation mechanisms can also threaten the stability of decentralized financial systems. Note on Recent Developments: The current Aztec Network continues to operate separately and has a planned fix for a critical bug in its Alpha v4 proving system scheduled for July 2026. Users have been advised to limit deposits until the upgrade is complete.

Disclaimer: Cryip is an independent media and research outlet providing news, data, and analysis on the cryptocurrency industry. Content is for informational and research purposes only and does not constitute financial, legal, tax, or investment advice. Cryptocurrency markets are volatile and past performance is not indicative of future results. References to specific assets, platforms, or incidents are for journalistic purposes only and do not imply endorsement, and readers assume full responsibility for their decisions.
Tags: Crypto Hacks

Related Posts

Ethereum User Loses Nearly $1 Million USDT in Phishing Token Approval Exploit
Security & Hacks

Phishing Approval Drains 999K USDT From Ethereum Wallet

by Saravana Kumar Mahendran
July 9, 2026

An Ethereum user lost nearly $1 million in USDT after signing a malicious token approval transaction on July 9, 2026....

Read moreDetails
Ctrl Wallet to Permanently Shut Down

Ctrl Wallet to Permanently Shut Down on August 3 After Cardano Security Exploit

July 7, 2026
Trader Loses $2M After ETH Swap to LIT Routes Through AVAIL Pool

Trader Loses $2M After ETH Swap to LIT Routes Through AVAIL Pool

July 7, 2026
Web3 Security Losses Hit $1.31 Billion

Web3 Security Losses Hit $1.31 Billion in H1 2026 as Drift Protocol Hack Tops $285M

July 7, 2026

Bonk DAO Lose $20 Million in Governance Attack as BONK Price Drop Over 9%

July 7, 2026
Summer.fi Drained of $6 Million

Summer.fi Drained of $6 Million in Flash Loan Exploit on LazyVault

July 6, 2026
Ill Bloom Vulnerability Puts Thousands of Crypto Wallets at Risk

Ill Bloom Vulnerability Puts Thousands of Crypto Wallets at Risk

July 6, 2026
Next Post
Upcoming Crypto Token Unlocks $86.21M in Supply Across 31 Crypto Projects (June 15–21, 2026)

Upcoming Crypto Token Unlocks: $86.21M in Supply Across 31 Crypto Projects (June 15–21, 2026)

Bitbank Warns Polymarket Users of Account Suspensions Amid Gambling Concerns

Bitbank Warns Polymarket Users of Account Suspensions Amid Gambling Concerns

Recommended

  • All
  • News
BitGo Introduces Quantum Risk Management Tools for Bitcoin Wallets

BitGo Launches Quantum Risk Management Tools for Bitcoin Wallets to Prepare for Future Quantum Threats

July 9, 2026
Circle Faces Wisconsin Criminal Complaint Over Stolen USDC Recovery Dispute

Circle Faces Criminal Complaint Over Alleged Refusal to Recover Stolen USDC

July 9, 2026
SWIFT Launches Blockchain Ledger as 17 Banks Pilot Tokenized Cross-Border Payments

SWIFT Launches Blockchain Ledger as 17 Banks Pilot Tokenized Cross-Border Payments

July 9, 2026
Sony Secures Conditional U.S. Approval for Stablecoin Trust Bank

Sony Secures Conditional U.S. Approval for Stablecoin Trust Bank

July 9, 2026
SWIFT Launches Blockchain Ledger as 17 Banks Pilot Tokenized Cross-Border Payments

SWIFT Launches Blockchain Ledger as 17 Banks Pilot Tokenized Cross-Border Payments

July 9, 2026
Sony Secures Conditional U.S. Approval for Stablecoin Trust Bank

Sony Secures Conditional U.S. Approval for Stablecoin Trust Bank

July 9, 2026
INTERPOL Operation First Light 2026 Leads to 5,811 Arrests in Global Fraud Crackdown

INTERPOL Operation First Light 2026 Leads to 5,811 Arrests in Global Fraud Crackdown

July 9, 2026
Hyundai Card Finishes USDT Cross-Border Payment Pilot on Avalanche

Hyundai Card Finishes USDT Cross-Border Payment Pilot on Avalanche

July 9, 2026

Cryip focuses on crypto research and on-chain analysis, supported by coverage of markets, regulation, security events, and blockchain ecosystems.

Recent Posts

  • Gauntlet Secures $125M Investment From SBI Holdings to Expand Institutional DeFi
  • AEON Expands to Bolivia, Deploying OpenBCB National QR Rails to Anchor Global Agentic Commerce
  • BitGo Launches Quantum Risk Management Tools for Bitcoin Wallets to Prepare for Future Quantum Threats

Categories

  • AI × Crypto
  • Data & Dashboards
  • DeFi Basics
  • Investing Basics
  • Market & Price
  • Market Updates
  • On-Chain Analysis
  • OpSec
  • Policy & Regulation
  • Post Mortems
  • Press Release
  • Reports
  • Scams & Fraud
  • Security & Hacks
  • Stablecoins
  • Tokenomics
  • VC & Funding
  • Wallets & Custody

Company

  • About Us
  • Contact Us
  • Editorial Standards & Integrity
  • Our Team
  • Privacy Policy
  • Review Methodology
  • Terms and Conditions
  • Trust, Disclosures & Independence

© 2026 Cryip - Research-Driven Crypto Analysis & News by Hashlays.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

No Result
View All Result
  • Home
  • News
  • Research & Analysis
  • Reviews & Comparisons
  • Learn Crypto
  • Features
  • Events

© 2026 Cryip - Research-Driven Crypto Analysis & News by Hashlays.

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.