Aztec (AZTEC)

Crypto: Second hack in seven days for Aztec Network The digital assets sector faces a new alert after an incident affecting $AZTEC. The network suffered a second hack within a week, this time via its private routing bridge. The attack resulted in the theft of multiple digital assets valued at over $2 million. This event reignites questions about the security of the infrastructure used in the crypto ecosystem and the protocols' ability to protect users' funds.

Crypto : Second hacking in Seven Days for Aztec Network The digital asset sector faces a new alert after an incident affecting $AZTEC. The network suffered a second hacking within a week, this time via its private routing bridge. The attack resulted in the theft of several digital assets worth over 2 million dollars. This event raises questions about the security of infrastructures used in the crypto ecosystem and the protocols’ ability to protect users’ funds.

Aztec Labs: The contract from which about $2 million was stolen is an old payment product deprecated in 2021, and the team has no control. Aztec Labs responded to the repeat theft, stating that the attacked contract is a Stage 2 Rollup version that was deprecated in 2021 and deactivated in 2022, an immutable contract. The team does not hold admin keys and cannot pause or upgrade it. Approximately $2 million was transferred from that contract. The Aztec Foundation added that this incident is unrelated to any smart contracts on the current network or the AZTEC ERC20 token, and is independent from the attack on the Aztec Connect product on June 14.

SlowMist "Aztec hacking suspected…$2.15 million asset transfer" https://t.co/0nAW0s7FS6 https://t.co/Hzsx30ABK

zkKYC -> zkKYA -> Agentic [?] Unbound https://t.co/HrYvxEBPB4

According to BlockSec Phalcon analysis, the actual root cause of the Aztec incident is a mismatch between the verified Rollup transaction set and the L1 settlement processing boundary (numRealTxs / _numTxs), leading to a different interpretation of the transaction list by the ZK proof verification path and the L1 settlement logic. An attacker can set numRealTxs to 1 and place the real deposit transaction into the second decoded transaction slot, thereby bypassing the corresponding L1 signature verification and pending deposit balance deduction, creating a private balance without asset backing and withdrawing it. BlockSec states that the attacker first recorded unsupported balances of seven different assets in the Rollup state, then withdrew the assets through seven withdrawals; additionally, RollupProcessorV3 was upgraded on April 10, 2024 via PR #67, but this upgrade does not appear to have undergone external audit before deployment. https://t.co/LuI3Hf4EeL

Aztec Foundation “Attacked Aztec Connect, a system decommissioned three years ago” https://t.co/x1bzTgmjmo https://t.co/ANUbsRwizf

Aztec Foundation: The attacked Aztec Connect has been deprecated for three years and cannot be intervened The Aztec Foundation states that it is aware of a suspected vulnerability attack on Aztec Connect, but this product is unrelated to the AZTEC ERC20 token or the current Aztec network. Aztec Connect was deprecated three years ago, and Aztec Labs no longer holds any control over the system, unable to pause or upgrade contracts.