Makina Finance has suffered a significant loss after its DUSD/USDC liquidity pool on Curve was drained for $4.13 million.
The exploit was a result of a manipulation attack on the protocol’s pricing oracle. Security firms revealed how flash loans, price distortion, and MEV front-running enabled the hack, while Makina has already taken steps to contain the incident and track the stolen funds.
The attack targeted Makina Finance’s Curve stablecoin pool, specifically the DUSD/USDC pair, which was manipulated using the protocol’s oracle system. This oracle feeds price data to the platform’s smart contracts, allowing transactions to occur at the right rates.
Hackers took advantage of this setup by temporarily skewing the price reported by the oracle during the transaction. By borrowing 280 million USDC through a flash loan, the attackers injected the borrowed funds into the oracle, causing it to report inflated prices. As a result, the protocol paid out more tokens than it should have, draining the pool.
Flash loans and MEV front-running
The exploit began with the perpetrator borrowing the flash loan and using approximately $170 million USDC to distort the oracle’s price feed. Once the manipulated oracle returned inflated values, the hacker exchanged about 110 million USDC, effectively draining the pool.
Security experts noted that this was made possible by a flash loan, where the attacker borrowed funds without collateral, provided the amount was repaid within the same transaction.
Additionally, maximal extractable value (MEV) front-running played a role in the attack. MEV refers to the profit miners or validators can extract by reordering or censoring transactions. In this case, an MEV builder identified by the address prefix 0xa6c2 front-ran the exploit, capturing a significant portion of the funds, estimated at $4.14 million.
Makina Finance responds and ongoing investigation
Makina Finance confirmed the attack in a statement made at 6:42 AM UTC, acknowledging the breach while reassuring users that the rest of the protocol remained unaffected. The team advised liquidity providers to remove their assets from the DUSD Curve pool as they assessed the situation. Makina promised to provide further updates once the investigation was complete.
The DeFi protocol’s response emphasizes its commitment to securing users’ assets and determining the next steps for affected parties. While the stolen funds have been tracked across two wallets, it remains unclear how the assets will be recovered.
A troubling trend for the DeFi sector
This attack marks another setback for the DeFi ecosystem, which has already witnessed over $3 billion in thefts during 2025. According to a report from Cyvers, 108 security incidents were recorded last year, with over $16 billion in crypto assets lost. The growing prevalence of flash loan attacks and MEV front-running raises concerns about the vulnerability of decentralized finance platforms and the need for better security measures to protect users’ funds.
The Makina Finance exploit highlights the increasing risks associated with decentralized finance platforms. While the team takes steps to mitigate the damage, the broader industry faces ongoing challenges to ensure secure and resilient systems. The case serves as a reminder for users and platforms alike to stay vigilant against sophisticated exploit techniques that target vulnerabilities in DeFi protocols.
