On January 21, Makina released an updated statement regarding the previously reported hacking incident. According to the official disclosure, the attack affected only users who provided liquidity to the Curve DUSD/USDC pool. Users holding positions related to DUSD, Pendle, or Gearbox were not impacted. Makina stated that it has obtained partial leads related to the identity of the attacker and is currently attempting to establish contact.
User Guidance and Platform Measures
Makina noted that a status snapshot of the Curve DUSD/USDC pool had been taken prior to the attack. The platform advises users who remain liquidity providers in this pool to withdraw unilaterally into DUSD until further notice, in order to mitigate potential risks. Meanwhile, Makina is advancing follow-up remediation measures, including disabling recovery mode and gradually re-enabling redemption functions to restore core operational capabilities.
Incident Review and Loss Overview
Looking back at the incident itself, Makina suffered an attack on the Ethereum network the previous day, resulting in losses totaling 5,107,871 USDC. The attacker exploited a protocol vulnerability to manipulate pool pricing, artificially inflating the notional value of liquidity providers’ assets and thereby executing arbitrage strategies. The process was completed within a short time frame, exposing the fragility of complex DeFi mechanisms under extreme conditions.
Real-World Challenges of DeFi Liquidity Risk
From the characteristics of this incident, such attacks are not merely straightforward asset transfers, but are centered on pool pricing and liquidity mechanisms, making them particularly difficult for ordinary users to detect. As composability among DeFi protocols continues to increase, localized risks can be rapidly amplified, leading to concentrated impacts on specific participant groups.
Compliance and On-Chain Monitoring Perspective
In post-incident handling, analysis of fund flows, address linkages, and anomalous transaction paths becomes especially critical. In reviewing similar events, some institutions leverage on-chain monitoring systems such as Trustformer KYT to conduct structured analysis of attack behaviors and fund movements, supporting risk assessments and compliance reviews.
Conclusion
Makina’s latest disclosure helps clarify the scope of impact and once again reminds market participants that liquidity pool–related risks remain a persistent concern within the DeFi ecosystem. Transparent analysis and long-term monitoring of on-chain behavior are increasingly becoming essential foundations for understanding and managing such incidents.