Aztec Labs Probes Possible Exploit After $2.1 Million Moved From Defunct Aztec Connect

Aztec Labs, a privacy blockchain project, said it is investigating a possible exploit involving Aztec Connect, a legacy service it shut down three years ago.

In a post on X on June 15, the company said it was looking into “a potential exploit that may affect Aztec Connect” after about $2.1 million was transferred from an immutable smart contract.

Aztec Labs also disclosed the transaction hash linked to the incident. It has not specified whether the transfer has been confirmed as an attack, who moved the funds, or whether there were any additional losses.

The company said Aztec Connect is no longer supported. Aztec Labs does not hold admin keys or control over the system, it added, meaning it cannot shut the service down or upgrade it.

That indicates the smart contract was deployed in an immutable form, making it difficult for the project to halt transactions or fix vulnerabilities. The limited administrative control typical of decentralized systems may also restrict any response after the fact.

Aztec Labs said it would provide further updates. If the transfer is confirmed as an exploit, the incident could refocus attention on lingering risks in older decentralized applications and retired protocols.