On March 15, the liquidity mining protocol Mozaic Finance suffered an exploit on the Arbitrum network, as confirmed by a statement from the protocol's development team. According to the team, the attackers successfully deposited the stolen funds into the centralized cryptocurrency exchange MEXC. Despite the breach, the team expresses confidence in the eventual return of the funds.
Mozaic Finance operates as a decentralized finance and yield optimization protocol across multiple blockchain networks, boasting the utilization of artificial intelligence (AI) programs to bolster investor returns. However, this recent incident underscores the persistent challenges facing blockchain security.
The blockchain security firm CertiK sounded the alarm about the breach, highlighting the attacker's utilization of the "bridgeViaLifi" contract, typically accessible only by developer wallets. CertiK's subsequent report, concluded that the incident likely stemmed from a leakage of private keys, enabling unauthorized access to the contract.
According to blockchain data, an account ending in 50eb initiated the exploit at 6:08 a.m. UTC, triggering 27 token transfers, each involving substantial sums of stablecoins. A portion of the transferred funds ultimately circled back to the account initiating the transaction, leading CertiK to estimate total losses exceeding $2 million.
This incident adds to a series of security breaches within the blockchain space. Recently, on March 9, the decentralized finance protocol Unizen faced losses exceeding $2 million due to an external call vulnerability, while lending app Seneca Finance suffered a similar exploit on February 29, resulting in over $6 million in losses. In response to the Mozaic Finance breach, the development team aims to pursue legal avenues for fund recovery, particularly since the alleged proceeds have been traced to a centralized exchange, offering a potential path for recourse.
