The Mozaic Finance yield farming protocol fell victim to an exploit on March 15 on the Abitrum network, as confirmed by the protocol’s development team. The team has stated that the attacker has deposited all the stolen funds on the centralized crypto exchange MEXC and is “confident” that the funds will be returned.
Mozaic Finance is a decentralized finance and yield optimization protocol that operates on multiple blockchain networks. It utilizes artificial intelligence (AI) programs to maximize investor returns.
A report from CertiK, a blockchain security firm, revealed that the exploit occurred when the attacker called the “bridgeViaLifi” contract, which can only be accessed by a developer wallet. CertiK concluded that the incident was likely the result of a compromise of a private key.
Blockchain data shows that an account ending in 50eb initiated the function that resulted in 27 token transfers, moving hundreds of thousands of dollars in stablecoin from one account to another. Some of these tokens ended up in the account that made the call. CertiK estimated the total losses to be over $2 million.
Unfortunately, hacks and exploits continue to affect blockchain users. Just recently, on March 9, decentralized finance protocol Unizen suffered a loss of over $2 million due to an external call vulnerability. The development team promised to compensate victims promptly. Additionally, on February 29, lending app Seneca Finance experienced an exploit resulting in a loss of over $6 million.
In a Discord post on March 15, the Mozaic team expressed hope that the funds could be recovered through legal means since they have been deposited into a centralized exchange.