Makina Finance loses $5M in stablecoin-pool exploit

Makina Finance positions itself as institutional-grade vault infrastructure and has accumulated more than $100 million in TVL since launching in February 2025. The incident is one of the most significant setbacks the project has faced.

CertiK’s analysis shows the attacker took a 280 million USDC flash loan and used 170 million to manipulate the MachineShareOracle – the pricing source for the DUSD/USDC Curve pool. The attacker then swapped the remaining 110 million USDC for pool assets, draining about $5 million in liquidity.

Damage estimates vary:

• GoPlus Security reports $5.1 million in losses;
• PeckShield records roughly $4.13 million denominated in ETH;
• CertiK says about $4.14 million was captured by a MEV actor.

In other words, the exploiter did not receive the full amount drained; much of it was intercepted through MEV.

Makina Finance has not formally acknowledged the exploit but confirmed it is investigating. In a Discord statement, the team said it is “aware of circulating posts about a potential incident” and is reviewing the situation. Later, developers clarified that the issue appears limited to DUSD LP positions on Curve and advised liquidity providers to withdraw funds.

At publication time, the funds remain split between two addresses controlled by the attacker and a MEV builder.

The incident comes amid a broader rise in crypto hacks over the past year. According to Chainalysis, total losses in 2025 exceeded $3.41 billion, with more than $2 billion linked to activity attributed to North Korean hacking groups.

Macro conditions continue to pressure the DeFi sector: complex pool architectures and oracle dependencies have become common failure points. The Makina Finance exploit highlights how vulnerable even relatively new protocols with substantial TVL can be.

The team says the investigation is ongoing and will provide updates once all data is verified.