{"id":74210,"date":"2026-06-18T12:21:54","date_gmt":"2026-06-18T12:21:54","guid":{"rendered":"https:\/\/crowdfundjunction.com\/blog\/aztec-network-loses-over-4-million-in-three-days-to-two-subsequent-hacks\/"},"modified":"2026-06-18T12:21:54","modified_gmt":"2026-06-18T12:21:54","slug":"aztec-network-loses-over-4-million-in-three-days-to-two-subsequent-hacks","status":"publish","type":"post","link":"https:\/\/crowdfundjunction.com\/blog\/aztec-network-loses-over-4-million-in-three-days-to-two-subsequent-hacks\/","title":{"rendered":"Aztec Network loses over $4 million in three days to two subsequent hacks"},"content":{"rendered":"<p><b>(Originally posted on : CoinJournal: Latest Crypto News, Altcoin News and Cryptocurrency Comparison )<\/b><br \/>\n<\/p>\n<div data-site=\"CoinJournal\">\n<div class=\"-mt-16  mb-8  lg:-mt-20  rounded-md  shadow-md\">\n<div class=\"relative  z-10  post-article-image  rounded  overflow-hidden\" data-site=\"CoinJournal\">\n<picture><source srcset=\"https:\/\/coinjournal.net\/wp-content\/uploads\/imagecache\/2026\/06\/Aztec-Network-loses-over-4-million-smartcrop-750x375.webp\" type=\"image\/webp\" media=\"(min-width: 750px)\"\/><source srcset=\"https:\/\/coinjournal.net\/wp-content\/uploads\/imagecache\/2026\/06\/Aztec-Network-loses-over-4-million-smartcrop-363x181.webp\" type=\"image\/webp\"\/><source srcset=\"https:\/\/coinjournal.net\/wp-content\/uploads\/imagecache\/2026\/06\/Aztec-Network-loses-over-4-million-smartcrop-750x375.png\" type=\"image\/jpeg\" media=\"(min-width: 750px)\"\/><source srcset=\"https:\/\/coinjournal.net\/wp-content\/uploads\/imagecache\/2026\/06\/Aztec-Network-loses-over-4-million-smartcrop-363x181.png\" type=\"image\/jpeg\"\/>\n<\/picture>                            <\/div>\n<\/p><\/div>\n<ul>\n<li>Legacy Aztec Network contracts were drained of over $4M in three days.<\/li>\n<li>Attacks exploited flaws in zero-knowledge proof verification logic.<\/li>\n<li>The core Aztec network and AZTEC token were not affected by the exploits.<\/li>\n<\/ul>\n<p>Aztec\u2019s legacy infrastructure has come under a coordinated wave of attacks, leading to losses that crossed $4 million within just three days.<\/p>\n<p>The exploits targeted deprecated smart contracts that had already been shut down years earlier but still held on-chain liquidity.<\/p>\n<p>Despite being labelled as inactive and immutable, the contracts remained accessible to attackers who exploited weaknesses in zero-knowledge proof verification logic.<\/p>\n<p>While the attacks did not affect the current Aztec network or its AZTEC token, they exposed long-standing risks tied to retired DeFi systems that continue to exist on <a href=\"https:\/\/coinjournal.net\/news\/ethereum-tops-1800-as-bitmine-boosts-holdings-to-5-62-million-eth\/\">Ethereum<\/a> without active maintenance or upgrade paths.<\/p>\n<h2>First breach: Aztec Connect drained of $2.1 million<\/h2>\n<p>The <a href=\"https:\/\/x.com\/AztecLabs_\/status\/2066175340926345555\">first incident<\/a> occurred on June 14, when attackers exploited the Aztec Connect protocol, a deprecated privacy-focused bridge that had been officially shut down after its retirement phase.<\/p>\n<p>The contract was already considered inactive, yet it still contained residual funds.<\/p>\n<p>The attacker managed to drain approximately $2.1 million in digital assets, including around 909 ETH, 270,000 DAI, and 167 wstETH, alongside other smaller holdings.<\/p>\n<p>The exploit was linked to flaws in the way rollup proof verification was handled, allowing invalid or manipulated proofs to be accepted as legitimate.<\/p>\n<p>What made the situation more critical was the nature of the contract itself.<\/p>\n<p>Aztec Connect was described as immutable, meaning it could not be paused or patched once deployed.<\/p>\n<p>Even though users had previously been encouraged to withdraw funds before shutdown, the remaining balance became an easy target for exploitation years later.<\/p>\n<p>Security teams reviewing the incident pointed to a breakdown in the relationship between zero-knowledge proof validation and on-chain settlement logic.<\/p>\n<p>In simple terms, the system accepted proofs that did not correctly match the underlying transaction state, allowing the attacker to trigger unauthorised withdrawals.<\/p>\n<h2>Second attack: Private Rollup Bridge exploited for $2.15 million<\/h2>\n<p>Just three days later, <a href=\"https:\/\/x.com\/PeckShieldAlert\/status\/2067502440044437871?s=20\">a second exploit<\/a> hit another legacy system known as the Private Rollup Bridge.<\/p>\n<p>This contract was also part of Aztec\u2019s older infrastructure and had been deprecated following the transition away from earlier rollup designs.<\/p>\n<p>In this case, attackers drained roughly 1,158 ETH, valued at close to $2.15 million at the time of the incident.<\/p>\n<p>The method used was different in execution but similar in technical root cause.<\/p>\n<p>Instead of directly manipulating withdrawals through basic proof mismatch, the attacker leveraged a vulnerable \u201cescape hatch\u201d mechanism embedded in the bridge design.<\/p>\n<p>By submitting a specially crafted zero-knowledge proof, the attacker was able to trigger the contract\u2019s exit logic.<\/p>\n<p>The system incorrectly validated the proof and released funds without proper verification of the underlying state transitions.<\/p>\n<p>This allowed the attacker to extract liquidity in a single coordinated sequence.<\/p>\n<p>Like the earlier exploit, this breach did not involve private key compromise or reentrancy vulnerabilities.<\/p>\n<p>Instead, it highlighted deeper issues in how proof validation was structured in legacy rollup systems, particularly when contracts remain permanently active on-chain after being officially sunset.<\/p>\n<h2>Response from Aztec and security firms<\/h2>\n<p>Following both incidents, Aztec Labs and the Aztec Foundation confirmed that the affected systems were deprecated products with no connection to the current Aztec network or AZTEC token ecosystem.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">The Aztec Foundation was made aware of a potential exploit targeting a deprecated product which occurred on June 17, 2026. There are no links between this product and any smart contracts related to the current network or the AZTEC ERC20 token.<\/p>\n<p>The product was deprecated 4 years\u2026 <a href=\"https:\/\/t.co\/kANaIuw8HF\">https:\/\/t.co\/kANaIuw8HF<\/a><\/p>\n<p>\u2014 Aztec Foundation (@aztecFND) <a href=\"https:\/\/x.com\/aztecFND\/status\/2067511967237939636?ref_src=twsrc%5Etfw\">June 18, 2026<\/a><\/p>\n<\/blockquote>\n<p>They emphasised that neither contract could be upgraded, paused, or controlled, as both were designed to be immutable at deployment.<\/p>\n<p>Security firm CertiK Alert also <a href=\"https:\/\/x.com\/CertiKAlert\/status\/2067518781304525189?s=20\">flagged the Private Rollup Bridge exploit<\/a>, identifying the attacker\u2019s address and confirming the movement of funds tied to a specific Ethereum transaction.<\/p>\n<p>Their analysis aligned with other reviews, suggesting that the vulnerability stemmed from flaws in zero-knowledge proof verification rather than conventional smart contract bugs.<\/p>\n<p>Aztec representatives also clarified that the Private Rollup Bridge and Aztec Connect incidents were separate events, even though they occurred within a short timeframe and shared similar technical weaknesses.<\/p>\n<div class=\"post-meta\">\n<hr class=\"mb-6\"\/>\n<h6 class=\"text-3xl  mb-4  text-green-300\">Share this article<\/h6>\n<hr class=\"mb-6\"\/>\n<h6 class=\"text-3xl  mb-4  text-green-300\">Categories<\/h6>\n<hr class=\"mb-6\"\/>\n<h6 class=\"text-3xl  mb-4  text-green-300\">Tags<\/h6>\n<\/p><\/div>\n<\/p><\/div>\n<p><a href=\"https:\/\/coinjournal.net\/news\/aztec-network-loses-over-4-million-in-three-days-to-two-subsequent-hacks\/\">Source link <\/a><br \/>\n<br \/><\/p>\n","protected":false},"excerpt":{"rendered":"<p>(Originally posted on : CoinJournal: Latest Crypto News, Altcoin News and Cryptocurrency Comparison ) Legacy Aztec Network contracts were drained of over $4M in three days. Attacks exploited flaws in zero-knowledge proof verification logic. The core Aztec network and AZTEC token were not affected by the exploits. Aztec\u2019s legacy infrastructure has come under a coordinated [&hellip;]<\/p>\n","protected":false},"author":7,"featured_media":74211,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0},"categories":[35],"tags":[],"_links":{"self":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/posts\/74210"}],"collection":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/users\/7"}],"replies":[{"embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/comments?post=74210"}],"version-history":[{"count":0,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/posts\/74210\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/media\/74211"}],"wp:attachment":[{"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/media?parent=74210"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/categories?post=74210"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/crowdfundjunction.com\/blog\/wp-json\/wp\/v2\/tags?post=74210"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}