$5 Million Stolen from Makina Finance in Flash Loan Attack, CertiK Finds
TLDR
Makina Finance suffered a $5 million loss due to a sophisticated flash loan exploit.
The attack manipulated the DUSD/USDC stablecoin pool’s oracle, draining the funds.
CertiK reported that the exploit involved a flash loan of 280 million USDC.
An MEV bot front-ran the exploit, capturing the majority of the stolen funds.
Makina Finance assured users that other assets were not affected by the breach.
Makina Finance, a decentralized finance (DeFi) protocol, has been exploited in a sophisticated attack. Blockchain security firm CertiK reported that the exploit resulted in the theft of approximately $5 million from one of its stablecoin pools. The attack involved a flash loan of 280 million USDC and a manipulation of the protocol’s oracle, causing a loss for the DeFi platform.
Flash Loan Exploit Drains $5 Million
The exploit occurred on the DUSD/USDC Curve stablecoin pool, where the attacker borrowed 280 million USDC. They used 170 million USDC to manipulate the MachineShareOracle, which the pool relies on for pricing. Once the oracle was manipulated, the attacker swapped 110 million USDC, draining the pool of around $5 million in value.
Security firms offered varying estimates of the loss. GoPlus Security estimated the damage at $5.1 million, while PeckShield reported a loss of about $4.13 million in ether. CertiK’s analysis revealed that an MEV (Maximum Extractable Value) bot played a crucial role in executing the exploit, front-running the transaction and draining the funds. The bot, operating from the address 0xa6c2, captured the majority of the stolen assets.
We have seen an exploit on @makina; the Dialectic USD/USDC Stableswap pool has been manipulated and drained for approximately $5M, with the majority, $4.14M, going to an MEV builder address.https://t.co/rgLjDVuqzD
Stay Vigilant!
— CertiK Alert (@CertiKAlert) January 20, 2026
Makina Finance’s Response
Makina Finance has addressed the situation through its Discord channels, confirming that the issue only affected its DUSD liquidity provider positions on Curve. The firm has assured users that no other assets or deployments were compromised. To mitigate further risk, Makina Finance activated security mode across all its machines while it continues to investigate the situation.
The team advised liquidity providers in the affected pool to withdraw their funds. Despite the ongoing investigation, Makina Finance has not officially confirmed the exploit or provided specific details on the recovery process. The firm has been in contact with CertiK and other security teams to assess the full scope of the attack.
Rising Threats in DeFi
This breach follows a year marked by heightened crypto theft, with over $3.41 billion stolen in 2025. North Korea was identified as the most active threat actor, responsible for over $2 billion in stolen assets. The Makina Finance exploit highlights the growing concerns around DeFi security, especially the risks associated with flash loans and oracle manipulation.
Other recent exploits include the Truebit Protocol attack, which resulted in the loss of $26.5 million. As DeFi platforms continue to evolve, security experts warn that vulnerabilities in smart contracts, such as outdated Solidity versions, remain a major concern. In response, experts recommend using tools like the SafeMath library to protect systems from logic vulnerabilities and integer overflows.
The post $5 Million Stolen from Makina Finance in Flash Loan Attack, CertiK Finds appeared first on CoinCentral.
Filed under: News - @ January 20, 2026 11:27 am