Aevo to shut legacy Ribbon vaults after $2.7M exploit

Aevo will decommission its legacy Ribbon Finance vaults after a $2.7 million exploit on Dec. 12 linked to a Dec. 6 oracle code change. The attacker split the proceeds across 15 wallets. Aevo reported that its Layer 2 exchange was unaffected.
The breach hit Ribbon’s DeFi Options Vaults on Ethereum, which stayed live after Ribbon rebranded to Aevo in 2023. Security researchers tied the incident to an oracle upgrade on Dec. 6 that allowed arbitrary expiry prices for newly added assets, enabling price manipulation and withdrawals.
Manipulation ran through price-feed proxies in the Opyn/Ribbon oracle stack. Expiry prices for wstETH, AAVE, LINK and WBTC were pushed into the shared oracle at a common timestamp. Anton Cheng of Monarch DeFi described the change as one that “let anyone set prices for new assets.” The vulnerability was specific to Ribbon’s oracle configuration and did not affect the underlying Opyn protocol, per Cheng.
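The configuration weakness described above, modelled as an added example that is not Opyn's or Ribbon's code: a toy expiry-price oracle whose weak rule lets any caller write a price for an asset that has no registered pricer, the hardened rule that refuses such writes, and a monitor that flags submissions a defender would want to review (prices for unregistered assets, submitters that are not the bound pricer, and one caller finalizing several assets at one timestamp). The class, function and address names and the sample submission records are assumptions constructed for the illustration.

```python
# Added illustration of an expiry-price oracle authorization rule, weak vs.
# hardened, plus a submission monitor. Hypothetical code, not the Opyn or
# Ribbon implementation; all names and sample records are constructed.
from dataclasses import dataclass, field
from collections import defaultdict


class OracleError(Exception):
    pass


@dataclass
class ExpiryPriceOracle:
    admin: str                                   # governance address (assumed)
    strict: bool = True                          # True = hardened policy
    pricers: dict = field(default_factory=dict)  # asset -> authorized pricer
    prices: dict = field(default_factory=dict)   # (asset, expiry) -> price

    def set_asset_pricer(self, caller, asset, pricer):
        # Only governance may bind an asset to a pricer.
        if caller != self.admin:
            raise OracleError("only admin may set pricers")
        self.pricers[asset] = pricer

    def set_expiry_price(self, caller, asset, expiry, price):
        pricer = self.pricers.get(asset)
        if pricer is None:
            # Weak policy: an asset with no pricer falls through the check,
            # so any caller can write its expiry price. The hardened policy
            # refuses to finalize a price for an asset nobody is bound to.
            if self.strict:
                raise OracleError(f"no pricer registered for {asset}")
        elif caller != pricer:
            raise OracleError(f"{caller} is not the pricer for {asset}")
        if (asset, expiry) in self.prices:
            raise OracleError("expiry price already finalized")
        if price <= 0:
            raise OracleError("price must be positive")
        self.prices[(asset, expiry)] = price
        return price


def audit_submissions(pricers, submissions, burst_threshold=3):
    """Return (reason, record) alerts for expiry-price submissions.

    submissions: dicts with keys submitter, asset, expiry, price.
    """
    alerts = []
    by_submitter_expiry = defaultdict(list)
    for rec in submissions:
        expected = pricers.get(rec["asset"])
        if expected is None:
            alerts.append(("unregistered-asset", rec))
        elif rec["submitter"] != expected:
            alerts.append(("unauthorized-submitter", rec))
        by_submitter_expiry[(rec["submitter"], rec["expiry"])].append(rec["asset"])
    # Per-asset pricers normally finalize one asset each; a single caller
    # writing several assets at one timestamp is worth a second look.
    for (submitter, expiry), assets in by_submitter_expiry.items():
        if len(assets) >= burst_threshold:
            alerts.append(("multi-asset-burst",
                           {"submitter": submitter, "expiry": expiry,
                            "assets": sorted(assets)}))
    return alerts


# Constructed sample: governance bound a pricer for ETH only; four newly
# added assets were never bound to any pricer.
PRICERS = {"ETH": "chainlink_pricer"}
SAMPLE_SUBMISSIONS = [
    {"submitter": "chainlink_pricer", "asset": "ETH", "expiry": 1700000000, "price": 2000.0},
    {"submitter": "0xunknown", "asset": "wstETH", "expiry": 1700000000, "price": 1.0},
    {"submitter": "0xunknown", "asset": "AAVE", "expiry": 1700000000, "price": 1.0},
    {"submitter": "0xunknown", "asset": "LINK", "expiry": 1700000000, "price": 1.0},
    {"submitter": "0xunknown", "asset": "WBTC", "expiry": 1700000000, "price": 1.0},
]


def demo_weak_vs_strict():
    """Show the same unregistered-asset write accepted by the weak oracle
    and rejected by the hardened one; returns (weak_accepted, strict_rejected)."""
    weak = ExpiryPriceOracle(admin="dao", strict=False)
    strict = ExpiryPriceOracle(admin="dao", strict=True)
    for o in (weak, strict):
        o.set_asset_pricer("dao", "ETH", "chainlink_pricer")
        o.set_expiry_price("chainlink_pricer", "ETH", 1700000000, 2000.0)
    weak_accepted = weak.set_expiry_price("0xunknown", "wstETH", 1700000000, 1.0) == 1.0
    try:
        strict.set_expiry_price("0xunknown", "wstETH", 1700000000, 1.0)
        strict_rejected = False
    except OracleError:
        strict_rejected = True
    return weak_accepted, strict_rejected


if __name__ == "__main__":
    print(demo_weak_vs_strict())
    for reason, rec in audit_submissions(PRICERS, SAMPLE_SUBMISSIONS):
        print(reason, rec)
```

The design point is that "no pricer configured" must be a hard failure, not a fall-through; the monitor is the compensating control for the window between an asset being added and its pricer being bound.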
Analysts first flagged unusual outflows and linked them to an exploit contract and a cluster of recipient wallets. The thief moved hundreds of ETH and large USDC balances, then dispersed funds to 15 addresses, many holding around 100 ETH. Aevo indicated the losses were concentrated in ETH and stablecoins.
In a post on X, the team announced all Ribbon vaults have been halted and will be decommissioned. While the vaults suffered about 32% in losses, withdrawals during a six-month claim window will carry a 19% reduction based on position value at the time of the hack. “We’re proposing to prioritize active users by granting them a smaller reduction upfront,” the team wrote.
Aevo noted two factors behind the smaller haircut: the Decentralized Autonomous Organization (DAO) will forfeit its own vault positions (about $400,000 across assets) to offset part of the shortfall, lowering net losses to roughly $2.3 million; and many of the largest historical depositors appear inactive. The claim window runs from Dec. 12 to June 12. After it closes, the DAO plans to liquidate remaining assets and distribute them to prior claimants, aiming to cover up to the missing 19% depending on what remains. The team added that the DAO “never promised or offered insurance on deposits.”
Aevo reiterated that core Layer 2 exchange operations were not impacted. The exploit was confined to the legacy Ribbon smart contracts, which will be retired.
In related research, an Anthropic team showed that advanced AI agents could independently find and exploit smart contract bugs in simulation, using the SCONE-bench of 405 real-world hacked contracts. Ten models produced working exploits for 207 targets, equating to $550.1 million at historical prices. In separate tests on new Binance Smart Chain tokens, the agents uncovered two zero-day flaws and simulated $3,694 in profit. The study found that simulated exploit revenue doubled roughly every 1.3 months. Tests ran on private forks, not live networks.