Makina Finance, which operates in the field of decentralized finance, was the target of a complex attack on smart contract security. Blockchain security company CertiK reported in its analysis published today that approximately $5 million was withdrawn from one of the protocol’s stablecoin pools. The attack was carried out by manipulating the price oracle using a high volume flash loan. The incident was recorded as one of the latest examples of increasing cryptocurrency security breaches throughout 2025.
Mechanism of Attack
According to CertiK, the attacker targeted Makina Finance’s DUSD/USDC Curve stablecoin pool. The transaction chain started with a flash loan of 280 million USDC. Approximately 170 million USDC of this fund was used to create a temporary imbalance on MachineShareOracle, which the pool depends on for pricing. After the manipulation, the attacker emptied most of the assets by swapping the remaining 110 million USDC in a pool with a total size of approximately 5 million dollars.
Different security companies shared varying figures on the damage. While GoPlus Security calculated the loss as approximately $5.1 million, PeckShield announced that the withdrawn asset corresponded to ETH worth $4.13 million. Another striking element in CertiK’s report was that an MEV builder stepped in during the transactions and captured most of the funds. According to the report, around $4.14 million was seized by the MEV infrastructure instead of the attacker.
Makina Finance is known as a DeFi execution engine that launched in February 2025 and states that it offers enterprise-level strategy vaults. According to DefiLlama data, the total locked asset value in the protocol was $100.49 million at the time of the incident.
Protocol Reacted Quickly
The Makina Finance team did not share a direct confirmation on the official X or Telegram channels after the attack. The first statement was made on the Discord server on Tuesday morning, and the team stated that they were aware of the posts circulating and were in the process of verifying the information. In the second message, which came about two hours later, it was stated that the problem appeared to be limited to DUSD liquidity provider positions on Curve, and liquidity providers were advised to withdraw their funds. However, there was no explicit acknowledgment of the loss.
What happened is evaluated together with the increasing attacks in the cryptocurrency ecosystem throughout 2025. According to Chainalysis data, the total amount of cryptocurrency thefts during the year exceeded $3.41 billion. In the same report, it was emphasized that North Korea-related actors were the most active threat source with a record share of 2.02 billion dollars.
The Makina Finance case once again revealed that large-scale flash loan transactions in DeFi protocols with oracle dependency still pose a serious systemic risk.
