Decentralized finance protocol Makina Finance has suffered a multimillion-dollar exploit after an attacker drained funds from one of its stablecoin liquidity pools, according to blockchain security firm CertiK.

CertiK said the incident involved a sophisticated flash-loan attack that resulted in roughly $5 million in losses. The firm flagged the exploit on Tuesday, noting that the attacker briefly borrowed a large amount of capital to manipulate pricing data relied on by the protocol’s smart contracts.

Makina Finance, which launched in February 2025, positions itself as a DeFi execution engine offering institutional-grade strategy vaults. Data from DefiLlama shows the protocol held about $100 million in total value locked before the incident.

CertiK Official Announcement.

How the exploit unfolded

According to CertiK’s technical breakdown, the attacker used a 280 million USDC flash loan to interfere with the pricing mechanism of Makina’s DUSD/USDC Curve pool. About 170 million USDC was used to distort the MachineShareOracle, which supplies price data to the pool.

Once the oracle was skewed, the attacker swapped roughly 110 million USDC against a pool holding close to $5 million in assets, allowing the funds to be drained at manipulated prices. The flash loan was then repaid within the same transaction, leaving the protocol with the loss.

Other security firms published slightly different estimates. GoPlus Security placed the damage at around $5.1 million, while PeckShield reported losses equivalent to approximately $4.13 million in ether.

CertiK also noted that an MEV builder captured a significant share of the exploited funds, intercepting about $4.14 million during transaction ordering. MEV extraction has increasingly complicated post-exploit fund recovery, as third parties can legally claim profits generated by on-chain arbitrage.

Team response remains limited

Makina Finance has not formally acknowledged the exploit on its official X or Telegram channels. In a message posted to the project’s Discord server early Tuesday, the team said it was aware of reports describing a potential incident and was still verifying the details.

A follow-up message roughly two hours later suggested the issue appeared confined to DUSD liquidity provider positions on Curve. The team advised LPs to withdraw funds as a precaution, though it stopped short of confirming any losses.

The Block said it contacted Makina Finance for comment but had not received a response at the time of publication.

A familiar pattern in DeFi attacks

The Makina exploit fits into a broader trend of oracle manipulation attacks that rely on flash loans and thin liquidity pools. By temporarily controlling pricing inputs, attackers can extract value without leaving obvious traces in the contract code itself.

Blockchain analytics firm Chainalysis reported that cryptocurrency theft exceeded $3.4 billion in 2025, with a sharp rise in exploits targeting DeFi infrastructure. A significant share of those losses stemmed from smart contract vulnerabilities and price manipulation strategies rather than direct key compromises.

CertiK highlights post-theft laundering risks

In a separate investigation, CertiK recently traced about $63 million in Tornado Cash deposits to a $282 million cryptocurrency wallet compromise that occurred on Jan. 10. While unrelated to Makina Finance, the findings illustrate how quickly stolen funds can become difficult to recover once attackers begin laundering proceeds.

CertiK’s analysis showed that hundreds of bitcoin were bridged to Ethereum, converted into ether, and split across multiple wallets before being routed into Tornado Cash. Security researchers say this pattern, involving cross-chain transfers and fund fragmentation, remains one of the most effective ways to obscure on-chain trails.

Pump.fun Launches Pump Fund in First Major Shift Beyond Memecoins | HODL FM
Pump.fun has introduced a new investment arm, marking its most…
hodl-post-imageHODL FM: The Wildest Ride in the Crypto MarketGunel Ismayilova
hodl-post-image

Disclaimer: All materials on this site are for informational purposes only. None of the material should be interpreted as investment advice. Please note that despite the nature of much of the material created and hosted on this website, HODL FM is not a financial reference resource, and the opinions of authors and other contributors are their own and should not be taken as financial advice. If you require adviceHODL FM strongly recommends contacting a qualified industry professional.