2026-01-21 01:21:08

Multi-chain DeFi execution engine Makina has just experienced an malicious attack. The incident was caused by a vulnerability that the hackers exploited—by manipulating the pool prices, they artificially inflated the asset value of liquidity providers, then carried out arbitrage attacks. This resulted in a loss of 5.07 million USDC.

But here’s an important point: not all users were affected. Only users providing liquidity to the Curve DUSD/USDC pool were impacted, while users holding DUSD, Pendle, and Gearbox positions were spared.

The good news is that the Makina team has already taken action. They have not only obtained clues about the hacker’s identity and are actively reaching out, but also made a snapshot backup of the Curve DUSD/USDC pool in advance. For users still providing liquidity in the pool, the official recommends unilateral withdrawal to DUSD and to wait for further notice. Meanwhile, the team is pushing forward with additional measures—disabling recovery mode and re-enabling the redemption function—to restore normal operations as soon as possible.

CRV-2,35%

PENDLE0,83%

GEAR-8,85%

View Original

This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.

15 Likes

Reward
15
5
Repost
Share

Comment

0/400

screenshot_gains

· 8h ago

It's another liquidity mining incident, 5.07 million USDC lost. This one really hurts. Fortunately, I wasn't in that Curve pool, or I'd be waiting in line for compensation again. The Makina team responded pretty quickly, at least they took a snapshot, have clues, and backups—much better than those who ran away before. Now, the guys in the DUSD/USDC pool have to withdraw DUSD unilaterally? Seems like it's better to wait and see; the risk hasn't been fully released yet. This kind of attack strategy is getting more and more sophisticated—artificially inflating the book value and then arbitraging. Hackers are really clever.

View OriginalReply0

HalfBuddhaMoney

· 8h ago

Once again, an LP pool issue, this time 5.07 million gone... Luckily, I didn't play on Curve. --- The hacker's method is still the same, manipulating prices to artificially inflate the book value and then arbitraging, old tricks. --- Only harming LPs and not token holders? Then I should be glad I didn't add liquidity. --- Makina's response speed is pretty good; they even did a snapshot backup. At least their stance looks reliable. --- Wait, they said they have a lead on the hacker? If they can really recover the funds, that would be interesting. --- Don't touch the DUSD/USDC pool for now; wait for official news. --- There's only one vulnerability, and the hacker made 5.07 million. Is DeFi this fragile? --- The redemption function needs to be re-enabled. How long will user funds be locked during this period? --- Wow, artificially inflating asset value and then arbitraging—this idea is brilliant. --- As long as I haven't provided liquidity, it has nothing to do with me. Comfortable.

View OriginalReply0

VitalikFanboy42

· 8h ago

5.07 million USDC is gone just like that, it hurts a bit, buddy. It's liquidity pools again, and price manipulation. These tricks are really everywhere now. Luckily, I wasn't in that Curve pool, or it would have been over. The Makina team responded pretty quickly, at least they have backups... That's what professionalism looks like. Wait, can they really catch up to the hacker? I'm a bit skeptical. The risks of liquidity mining, I’ve really learned my lesson this time. With a unilateral withdrawal to DUSD? Still feels a bit risky, who knows what they'll do next. This is DeFi — you can get rich overnight, but you can also lose everything overnight... Better to be cautious.

View OriginalReply0

LightningSentry

· 8h ago

It's the LP's fault again. This time, I really need to learn my lesson. --- 5.07 million dollars just gone like that, damn... --- Fortunately, I wasn't in that pool, dodged a bullet. --- Makina responded pretty quickly, at least there's a backup. --- When will this kind of vulnerability be completely resolved? --- May I ask if the hacker has been caught now? Or is it another fruitless effort? --- Curve also needs to be audited, can't just blame Makina. --- LP is really a high-risk profession, a huge loss.

View OriginalReply0

AmateurDAOWatcher

· 9h ago

5.07 million USDC lost, this time it's again liquidity providers getting exploited. That said, the Makina team responded quite quickly, at least they have backups... but these kinds of vulnerabilities really make people feel uneasy. --- It's another case of price manipulation. When will DeFi's tricks finally be fully resolved? --- Fortunately, only the DUSD/USDC pool was affected. If the entire platform had fallen, it would have been truly hopeless. --- Is the hacker locked down? We'll have to see if they can really recover the funds later; otherwise, it's all just talk. --- Single-sided withdrawal to DUSD and then wait for updates... it seems LPs might be forced to become the bagholders this time. --- Makina didn't do too badly, at least they have snapshots, clues, and remediation plans. But I'm worried there might be more surprises later. --- Over five million just gone like that. No wonder people are watching DeFi cautiously... the risks are always there.

View OriginalReply0