MakinaFi Exploit Drains $4.1M as MEV Bots Front-Run Transactions

Makina Finance, a DeFi yield and asset management platform, has suffered a major security breach. On January 20, hackers exploited one of its stablecoin pools. They stole around 1,299 ETH, worth roughly $4.1 million at current prices.

#PeckShieldAlert @makinafi has been exploited for ~1,299 $ETH (~$4.13M).

The hacker was frontrun by MEV Builder (0xa6c2…).

The stolen funds are currently held in 2 addresses:
0xbed2…dE25 ($3.3M) & 0x573d…910e ($880K) pic.twitter.com/Q5WzHpfq7j

— PeckShieldAlert (@PeckShieldAlert) January 20, 2026

The attack was first reported by blockchain security firm PeckShield. Immediately, within minutes, on-chain trackers found the stolen cash placed within two wallets. Consequently, the incident has once again raised concerns about the risk of DeFi platforms, even in 2026. Furthermore, this wasn’t a small glitch; instead, it was a clean and fast hit.

What Exactly Happened?

The attack targeted MakinaFi’s DUSD/USDC Curve pool. Specifically, this pool is built on Curve Finance and connects Dialectic’s yield token, DUSD, with USDC. In this instance, the hacker used a classic flash loan attack. Specifically, this means they borrowed a huge amount of crypto for a few seconds and subsequently used it to manipulate prices. Then drained the pool and paid back the loan all inside one transaction.

Here’s the simple version of what went down: The attacker borrowed funds from protocols like Aave and Morpho, then ran a chain of swaps across Curve and Uniswap. By manipulating prices inside the pool, they were able to pull out more value than they should have. In the end, they walked away with 1,299 ETH.

MEV Bots Jumped In Too

This wasn’t just a hacker making money. An MEV builder bot also jumped into the action. MEV bots scan the blockchain for profitable trades and try to front-run them. In this case, an MEV builder address starting with 0xa6c2 slipped into the transaction bundle and grabbed a small cut of the profit. It only made about 0.13 ETH. But it shows how crowded and aggressive Ethereum trading has become. Even hackers now have to fight bots for profit. Crypto really is the wild west.

Where Is the Stolen Money Now?

The stolen ETH is currently sitting in two wallets:

• 0xbed2…dE25 holding about $3.3 million
  
• 0x573d…910e holding about $880,000

So far, the funds have not been mixed or sent through privacy tools. This gives investigators a chance to track every move. Security firms including PeckShield, ExVul and TenArmor have warned users to revoke contract permissions and avoid interacting with MakinaFi contracts for now. Makina has not released an official statement yet.

Why This Matters for DeFi Users

MakinaFi is known for offering advanced yield strategies using DeFi tools like Curve, Aave and Uniswap. Its DUSD token is designed to generate yield through smart on-chain strategies. But this attack shows a hard truth: Even complex and well-designed DeFi systems are still vulnerable. Flash loan attacks remain one of the most common ways hackers steal money.

Stablecoin pools are often the main target because they hold deep liquidity. In 2025 and early 2026, DeFi hacks have already cost users billions of dollars. The lesson is simple. If your money is on-chain, it is always at risk. DeFi moves fast. Hackers move faster.