$4.2M Exploit Hits Makina Finance, 1,300 ETH Drained: Details

Here’s how an attacker stole more than $4 million from the Makina Finance protocol, and is likely cooking up a laundering strategy.

Makina Finance suffered a major setback this morning when an attacker targeted the platform and walked away with millions in digital assets. 

So far, the incident shows again how rampant hacks and thefts have become in the crypto space today.

The Details of the Makina Finance Attack

The hack in question hit the Makina Finance DUSD/USDC CurveStable pool during the early hours of Tuesday. 

PeckShieldAlert was the first to flag the suspicious activity and according to their data, the exploiter managed to drain about 1,299 ETH. At the time of the hack, these tokens were worth roughly $4.13 million.

The attacker did not waste any time in swapping the stolen assets into Ethereum after pulling the funds.

Hackers tend to do this because ETH provides higher liquidity and is much easier to move without triggering red flags. 

It also allowed the culprit to stabilise their gains before investigators could freeze the original tokens.

How the Hacker Used MEV to Hide

On-chain data shows that the hacker routed the funds through an MEV builder address.

This method helps to blur the transaction path, and by using an MEV builder, the attacker made it much harder for analysts to track the funds.

After the routing process, the ETH was split between two wallets.

One wallet currently holds 1,023 ETH (which is worth roughly $3.3 million), and a second wallet contains 276 ETH (worth nearly $880,000). 

Flash loans are popular among hackers because they allow anyone to borrow massive amounts of capital without collateral, as long as they pay it back in the same block. 

After draining the pool, the hacker used this borrowed money to flood the DUSD/USDC pool and manipulate prices.

RelatedReading: Hacker Who Stole $282 million Last Week, Launders $63M Via Tornado Cash: CertiK

Bots Join the Chaos

Another strange factor in this incident is that the hacker was not the only one making money during the Makina Finance event.

An MEV builder bot actually stepped in amid the chaos and front-ran part of the transaction. 

These bots scan the network for profitable opportunities and try to cut in line.

While the bot only made about 0.13 ETH, the fact that this happened, shows just how aggressive the Ethereum environment has become. 

As of this writing, Makina Finance has not released an official update. There is no word on how they plan to recover the funds or if users will be reimbursed and this silence has created a lot of worry in the community. 

Overall, the new year has only just begun, and is already seeing severalheavy attacks. 

For now, the stolen $4.2 million is still idle in the hacker’s wallets and investigators will continue to monitor the blockchain for any movement. 

If the funds move to an exchange, there may be a chance to freeze them. However, if the attacker uses a privacy tool, the money could be gone forever.

The post $4.2M Exploit Hits Makina Finance, 1,300 ETH Drained: Details appeared first on Live Bitcoin News.