Aztec Suffers Second $2.1M Exploit in Under a Week

Aztec was hit by a second $2.1M exploit in less than a week, raising alarms about risks from deprecated smart contracts.

Aztec, a blockchain privacy protocol, suffered a second exploit worth approximately $2.1 million in less than a week, according to findings flagged by blockchain security firm SlowMist. The back-to-back attacks have drawn urgent attention from the broader crypto security community and raised serious questions about how projects manage legacy infrastructure after they stop actively developing it.

Security researchers are now sounding the alarm on a systemic vulnerability class: deprecated smart contracts. These are contracts that projects have officially abandoned or replaced but have left deployed on-chain — and, critically, still holding user funds or accessible liquidity. Unlike traditional software, smart contracts cannot simply be patched or taken offline without deliberate intervention, meaning old code can sit exposed indefinitely.

The twin incidents at Aztec underscore how quickly threat actors can return to exploit the same protocol when the root vulnerability is not fully addressed after an initial attack. A second breach of the same scale within days suggests either that the initial remediation was incomplete or that attackers identified additional attack surfaces in related legacy contracts that were not prioritized in the first response.

The pattern mirrors a growing trend across decentralized finance, where deprecated or dormant contracts have become attractive targets precisely because development teams have often moved on and monitoring has lapsed. Security professionals argue that sunsetting a protocol must include either migrating all assets out of legacy contracts or implementing kill-switch mechanisms that can lock them against interaction.

The cumulative loss from both incidents illustrates the real-world financial stakes of smart contract lifecycle management, a discipline that remains underemphasized across the industry.

Continue reading at Cointelegraph →

Frequently Asked Questions

Q. What happened in the Aztec exploit?

Aztec was hit by a second exploit worth approximately $2.1 million in less than a week, with blockchain security firm SlowMist flagging the incident.

Q. Why are deprecated smart contracts a security risk?

Deprecated smart contracts are abandoned by developers but remain deployed on-chain, meaning old vulnerable code stays accessible and cannot simply be patched or taken offline without deliberate action.

Q. How much money was lost in the Aztec exploits combined?

The two separate incidents each involved approximately $2.1 million and occurred within less than a week of each other, making the cumulative loss significant.