Wasabi Protocol, a decentralized finance derivatives exchange, has suffered a multi-chain exploit on Thursday, resulting in loss estimated at close to $5 million.
Several blockchain security companies have been reporting the case of the hack through X channels, showing that the multi-chain exploit happened in the chains of Ethereum, Base, Berachain, and Blast.
The incident was witnessed amidst rising cases of DeFi scams, whose numbers surged to $600 million in April, per several research studies.
How did the attack happen?
Reports from security researchers Blockaid and Certik highlight that the exploit stemmed from a compromised admin key which allowed privileged access through the Wasabi deployer wallet.
The easy access allowed the attacker to upgrade core contracts and drain user funds. BlockSec also highlighted that early investigation shows that Tornado Cash-funded accounts received the admin-linked roles.
Blockaid stated, “All Wasabi/Spicy LP-share tokens minted by these vaults should be treated as COMPROMISED.”
Cyvers said the attacker drained a mix of tokens including WETH, PEPE, MOG, USDC, ZYN, REKT, cbBTC, AERO, and VIRTUAL during the exploit.
After the theft, the funds were quickly swapped and consolidated into Ethereum (ETH), which is often used because it’s easier to move across networks and harder to track when broken into parts.
The attacker then bridged the assets onto the Ethereum network and spread them across multiple wallets. This kind of splitting is typically done to make the money trail harder to follow and slow down any recovery efforts by investigators or exchanges trying to trace where the funds went.
Wasabi says unaware of the issue
Interestingly, Wasabi Protocol said it was aware of the issue and was currently looking into what happened. As a precaution, the team has asked users not to interact with Wasabi contracts for now, warning that it’s safer to stay away until things are fully resolved.
On the other hand, Virtuals Protocol claims that its systems are currently unaffected and secure. Nonetheless, as a security measure, Virtuals Protocol has temporarily halted margin deposits associated with Wasabi Protocol until the issue gets resolved. Both parties are currently trying to evaluate the effect on the users’ funds.
Wasabi exploit comes amid rise in defi hacks
The crypto industry has seen a sharp rise in hacks this April, making it the worst month for security breaches in over a year. According to DeFiLlama, total losses have already climbed to around $629.7 million, the highest monthly figure since February 2025, when losses hit $1.47 billion.
Much of the theft seen this month has been attributed to two separate cases. The KelpDAO attack, where $293 million was stolen, and the Drift Protocol heist, where an estimated $280 million was taken, account for nearly 82 percent of the entire sum stolen during the month of April.
These incidents have once again thrown the decentralised finance (DeFi) problem into the spotlight. DeFi networks are now viewed as the top priority target for attacks owing to their reliance on complicated smart contracts and absence of any central authority.
To sum it all up, it is apparent that although the industry keeps expanding and attracting more traffic, it will forever be susceptible to issues of security.