Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
According to PeckShieldAlert monitoring, the Makinafi protocol was exploited by hackers, resulting in a loss of approximately 1,299 ETH (about $4.13 million). The stolen funds are currently held in two addresses: 0xbed2...dE25 (around $3.3 million) and 0x573d...910e (around $880,000). News on January 23: Makina, a DeFi execution engine, posted on X stating that at 21:15 on January 22, the MEV Builder returned funds according to the SEAL Safe Harbor, deducting a 10% bounty. Approximately 920 ETH (out of 1,023 ETH collected) was returned, accounting for a portion of the total ~1,299 ETH stolen. The funds have been transferred to the recovery multi-sig address 0xc22F...8AB9. The team is continuing to pursue the remaining funds and is seeking to contact the RocketPool validator address 0x573D...910E, which received approximately 276 ETH. Attack method (per SlowMist): Oracle Price Manipulation Attack via Flash Loan. Reported loss: $ 4,130,000.
- chain
- —
- protocol
- Makinafi
- bug_class
- oracle
- date_occurred
- 2026-01-20
- loss_usd
- $4,130,000
- source_id
- sm:makinafi::2026-01-20