Decentralized finance protocol Makina Finance was flagged for a suspected exploit that drained approximately $5 million from a stablecoin liquidity pool, according to blockchain security firm CertiK. The attacker reportedly used a 280 million USDC flash loan to manipulate an oracle tied to the protocol’s DUSD and USDC pool, allowing assets to be extracted in a single transaction sequence.
Makina Finance, which launched in early 2025 and markets itself as an institutional-grade DeFi execution engine, currently holds just over $100 million in total value locked. Security firms provided varying estimates of the losses, while CertiK noted that a large portion of the funds were ultimately captured by an MEV builder rather than remaining under direct attacker control.
The Makina team has not formally confirmed the exploit, stating only that it is investigating a potential incident and advising liquidity providers to withdraw from affected pools. The episode adds to ongoing concerns around DeFi security following billions of dollars in crypto theft reported across the sector in 2025.
