Aztec hit by second $2.1M exploit in less than a week: SlowMist

Security researchers warn that deprecated smart contracts can remain vulnerable long after projects stop maintaining them.

Deprecated Aztec infrastructure has suffered a second exploit within days, adding to concerns about the security of abandoned smart contract infrastructure.

Aztec’s private rollup bridge was exploited on Thursday for 1,158 Ether (ETH), 150,000 Dai (DAI) and 0.46 renBTC (RENBTC), totaling about $2.15 million, according to Cos, the co-founder of cybersecurity company SlowMist.

His preliminary analysis found that the attacker used a false rollup proof to trick the protocol into releasing assets from its reserves to the attacker's address.

Read more