- Three separate DeFi attacks this week drained millions and prompted on-chain recovery efforts.
- Makina reported a bot and a validator intercepted parts of an exploit after an attacker deployed malicious contracts.
- On-chain activity on Ethereum hit record levels after the Fusaka upgrade, but new users have included many scam victims.
- Saga paused its chainlet after a $7 million exploit that caused a 25% depeg of its stablecoin D.
- Governance and layer-two incidents raised fresh concerns at projects including World Liberty Financial, Blast, and Paradex.
Makina, SynapLogic, and Saga experienced separate security incidents this week on multiple chains, prompting pauses and on-chain responses. The incidents occurred on Tuesday and the following day across Ethereum, Base, and Saga’s chainlet, affecting user funds and stablecoin stability.
Reported losses included about $5 million at Makina and $186,000 at SynapLogic. Makina published an update saying an “MEV searcher” bot discovered the attacker’s contract and then “frontrun” the hack; an MEV searcher is a bot that looks for profitable transaction ordering opportunities, and frontrunning is executing before another transaction to capture value.
The project’s Deployer address sent on-chain messages to both the bot and a validator asking for returns. Makina later announced the bot operator returned 920 ETH of the 1,023 ETH it received, keeping a 10% bounty; 1,300 ETH associated with the incident equaled about $5 million, so 920 ETH is roughly $3.5 million and 1,023 ETH is roughly $3.94 million.
Saga paused its Saga EVM chainlet after an exploit that removed about $7 million and pushed its stablecoin D to a 25% depeg. A post titled update said the network remained paused and referred to a “coordinated sequence of contract deployments, cross-chain activity, and subsequent liquidity withdrawals,” but did not disclose a single cause.
On-chain traffic rose after Ethereum’s Fusaka upgrade. Research from Andrey Sergeenkov shows weekly new addresses climbed to about 170% of the 2025 average. Sergeenkov notes “$740,000 has been stolen this way from 116 victims.” One similar December incident cost a user about $50 million, not included in that dataset.
Not all networks have prospered. An observer noted Blast showed negative 24-hour fee revenue on data dashboard DeFiLlama; DeFiLlama founder 0xnmgi explained Blast was paying more to settle on Ethereum than it received in gas fees. Blast once peaked at about $2.5 billion in total value locked (TVL); TVL measures assets held on a protocol.
Governance and layer-two incidents continued elsewhere. Trader DefiSquared highlighted a vote at World Liberty Financial to use unlocked WLFI tokens to expand the USD1 stablecoin; DefiSquared said the vote was allegedly dominated by insider wallets and amounted to “sell[ing] WLFI tokens at the expense of locked holders, in order to fund protocol revenue that goes only to themselves.” The project also announced a lending product, World Liberty Markets, to be “powered by Dolomite,” despite a prior DAO voting to launch an Aave instance.
Paradex rolled back its layer-two chain after an error that reportedly caused a Bitcoin Price to show $0 and liquidated traders. Paradex announced the rollback and later updated that it refunded about $650,000 to affected users. L2Beat lists Paradex under “Other,” noting there are ”less than five external actors that can attest data availability,” referring to who controls or verifies transaction data for the chain.
✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.
Previous Articles:
- BitGo shares tumble 22% after $212M IPO; dip below $15 at 2B
- Intel Slides 17% After Q1 Guidance Miss; Supply Constraints.
- Gold’s FOMO Drains Bitcoin: Prices Falling, Metals Rise Soon
- Paradex refunds $650,000 to 200 users after error in markets
- Tesla Drops Autopilot to Boost FSD; TSLA Dips Modestly Today
