Makina Finance, a DeFi platform for yield farming and asset management, was hit by a security breach today. An unknown hacker attacked one of MakinaFi's stablecoin pools and stole 1,299 ETH, equivalent to $4.1 million.
The attack was first reported by blockchain security firm PeckShield. In an X post on 20/01/2026, PeckShield reported that on-chain trackers showed the stolen funds were stored in two wallets. The wallet with the address 0xbed2...dE25 holds $3.3 million, while the wallet addressed 0x573d...910e stores the remaining $880,000.
The hacker targeted the DUSD/USDC pool, a stablecoin pool built on Curve Finance for swapping Dialectic (DUSD) yield tokens with USDC stablecoins.
In this case, the hackers utilized a flash loan attack. They borrowed a large amount of cryptocurrency for just a few seconds and used it to manipulate prices. After that, the hackers drained the funds in the pool and paid back the loan in a single transaction.
Hackers are not the only ones involved in this attack. On-chain data from Etherscan shows that MEV (Maximal Extractable Value) bots were involved in one of the funding flows to the destination wallets.
MEV bots are automated programs that scan the blockchain for potentially profitable trades, then execute transactions first to maximize the value that can be extracted. These bots generally operate with low latency in just a few milliseconds.
In the MakinaFi attack case, a MEV bot with an address starting with 0xa6c2 slipped into one of the transaction bundles and took a small portion of the profits. This MEV bot only managed to secure 0.13 ETH, but this shows that Ethereum trading is extremely busy and aggressive, so much so that hackers have to compete with trading bots.
Until now, the stolen funds have not been transferred from the two wallets where they are stored. Security companies such as PeckShield, Evul, and TenArmor have urged users to revoke smart contract permissions and avoid interacting with MakinaFi smart contracts for the time being.
Meanwhile, Makina Finance has stated via social media. “At this stage, the issue appears to be isolated to DUSD LP positions on Curve. There is currently no indication that other assets or deployments are affected.”
Security mode has been activated across the entire Makina Finance system to assess the situation. For liquidity providers in the Curve DUSD pool, MakinaFi recommends temporarily moving their liquidity out of the pool.
Makina Finance is known for offering advanced yielding strategies using DeFi tools such as Curve, Aave, and Uniswap. Its DUSD token is designed to generate yield through smart on-chain strategies.
However, the attack on MakinaFi serves as a harsh reminder to DeFi users: despite being designed with complexity and precision, no DeFi system is 100% attack-proof. Flash loan attacks are one of the most common methods used by hackers.
In early 2026, attacks on DeFi protocols have already caused millions of dollars in losses. The Makina Finance case teaches a simple but important lesson. If money is stored on the blockchain, security risks are always present.
So, how can you protect your digital assets from attacks? Learn security tips for Web3 in the article Web3 Security: Threats, Wallet Security, and Anti-Scam Tips.
