Finst

Attacker Steals $2.1 Million From Aztec Connect Three Years After Shutdown

A flaw in the old proof verification logic made a multimillion-dollar theft possible, even though Aztec Connect had been out of maintenance for years. Read here what this says about legacy smart contracts.

By Zenz van der Wielen
• 2 min read
Attacker Steals $2.1 Million From Aztec Connect Three Years After Shutdown

Key Takeaways

  • On June 14, more than $2.1 million was stolen from Aztec Connect through a vulnerability in the proof verification logic.
  • Aztec Connect was shut down three years ago, and the immutable smart contracts have not been managed since then.
  • The attack does not affect the current Aztec network, but it shows the risks of outdated, unmanaged DeFi contracts.

On June 14, more than $2.1 million was stolen from Aztec Connect by an attacker who took advantage of a vulnerability in the platform's proof verification logic. This exploit happened even though Aztec Connect was shut down three years ago and the system has not been managed since then.

Background on Aztec Connect and the Exploit

Aztec Connect was a privacy-focused Layer 2 solution on Ethereum, designed to hide transaction details in DeFi applications using zero-knowledge proofs. In March 2023, Aztec Labs announced that Aztec Connect would be phased out, with plans to shut down the service by March 2024 at the latest and focus on building a new general-purpose encrypted blockchain. Aztec Connect's smart contracts are immutable and were no longer maintained after the deprecation.

The exploit happened because a contract function only checked part of the submitted proof data, while token transfer instructions elsewhere in the data were not properly verified. That let the attacker withdraw funds illegally and take about $2.19 million. Aztec Labs confirmed that it no longer has administrative rights or control over the system and cannot pause or upgrade it.

Impact and Broader Context in DeFi

The Aztec Foundation stressed that this attack does not affect the current Aztec network or the AZTEC ERC-20 token. Still, the incident highlights the risks that come with outdated and unmanaged smart contracts in decentralized finance. It is an example of how vulnerabilities in legacy systems can lead to major losses, even years after a platform has been shut down.

This attack comes shortly after an exploit at Raydium, where about $1.3 million was lost in attacks on old liquidity pools on the Solana network. According to DeFiLlama data, total losses from exploits in June came to about $43.93 million, which highlights the need for ongoing security attention in DeFi.

Why This Matters for European Crypto Users

For European DeFi users and investors, it is important to understand that even outdated and unmanaged smart contracts can still pose a security risk. This highlights the importance of careful risk assessment and keeping an eye on the security of the platforms you use, even if they are no longer being actively developed or managed. The incident may show that legacy contracts in the European crypto market can also be vulnerable to similar attacks.

Disclaimer: This content is for informational purposes only and does not constitute financial, investment, legal, or tax advice. The information provided may be incomplete, inaccurate, or outdated and should not be relied upon as such. Nothing on this website should be considered a recommendation to buy, sell, or hold any cryptocurrency. Investing in crypto-assets involves risk of loss.