- Legacy Aztec Network deals dropped by $4M in three days.
- The attacks used errors in verifying the information without knowledge.
- Aztec Networks and the AZTEC brand were not affected by the incident.
Aztec heritage buildings have been attacked, causing damage that exceeded $4 million in just three days.
The practice focuses on smart contracts that were closed a few years ago but still have a lot of money.
Although they were known to be ineffective and irreversible, the agreements remained accessible to criminals who exploited weaknesses in the verification of uninformed evidence.
While the attack did not affect Aztec’s current network or its AZTEC token, it highlighted the long-standing risks associated with retired DeFi systems that continue to exist. Ethereum without quick fixes or extra steps.
First breach: Aztec Connect lost $2.1 million
The the first event it happened on June 14, when the attackers used the Aztec Connect protocol, a permanent secret bridge that was officially closed after his retirement.
The contract was previously considered non-performing, but it still had money left over.
The attacker was able to drain approximately $2.1 million in electronic assets, including approximately 909 ETH, 270,000 DAI, and 167 wstETH, along with other minor items.
The abuse was linked to errors in the standard evidence-based process, resulting in false or altered evidence being accepted as admissible.
What made things even more difficult was the nature of the contract.
Aztec Connect is described as immutable, meaning it cannot be stopped or stopped once deployed.
Although users were previously encouraged to withdraw funds before closing, the remaining funds became an easy target for exploitation years later.
Security groups investigating the incident have pointed to a strained relationship between zero-knowledge verification and strategic thinking.
In short, the system accepted credentials that didn’t match the current situation, allowing the attacker to start the illegal output.
Second attack: Private Rollup Bridge spent $2.15 million
Three days later, another second He also hit on another popular system called the Private Rollup Bridge.
This union was also part of the ancient Aztec architecture and was abandoned after the original structural changes.
In this case, the attackers drained about 1,158 ETH, worth about $2.15 million during the event.
The method used was different for the killing but the same for the technical reason.
Rather than directly tampering with the refund due to inconsistencies in evidence, the attacker used an insecure “escape hatch” built into the bridge’s structure.
By providing a specially crafted proof of zero knowledge, the attacker was able to trigger out-of-contract assumptions.
The system misconfirmed the evidence and released money without proper verification of the government’s change.
This allowed the attacker to remove the coins from a single linked list.
As in the past, this breach did not involve the compromise of private keys or the threat of a rollback.
Instead, it explored the depth of how proof-of-concept is built into history-based systems, especially when contractors are still working long hours after the sun goes down.
The answer from Aztec is the security industry
After all these incidents, Aztec Labs and the Aztec Foundation confirmed that the affected systems were assets that were removed without connection to the current Aztec network or the AZTEC token ecosystem.
The Aztec Foundation was informed of a potential project that was abandoned on June 17, 2026. There are no links between this product and the smart contracts related to the current network or the AZTEC ERC20 token.
The project was abandoned for 4 years… https://t.co/kaNAIuw8HF
– Aztec Foundation (@aztecFND) June 18, 2026
They insisted that no contract could be lifted, suspended, or modified, because everything was designed to be permanent upon delivery.
Security company CertiK Alert too announced the success of the Private Rollup Bridgeidentifying the attacker’s address and verifying the movement of funds associated with real Ethereum transactions.
Their analysis is consistent with other reviews, suggesting that the vulnerability stemmed from errors in verifying uninformed evidence rather than common intelligence bugs.
Aztec representatives also explained that the Private Rollup Bridge and Aztec Connect events were separate events, although they happened not long ago and shared similar vulnerabilities.
