Aztec Private Rollup Bridge Drained of $2.15M in Fresh Exploit

Privacy-focused Ethereum scaling project Aztec is facing renewed security concerns after its Private Rollup Bridge was reportedly exploited for approximately $2.15 million. This marks the second major incident involving legacy Aztec infrastructure within days.

According to on-chain transaction data, the attacker drained roughly 1,158 ETH, 150,000 DAI and 0.47 renBTC from Aztec’s Private Rollup Bridge contract. The stolen assets were subsequently transferred to wallets controlled by the exploiter, raising fresh concerns across the crypto industry.

The latest incident quickly became one of the most discussed stories in crypto hack news, particularly because it follows a separate exploit involving Aztec’s deprecated Connect infrastructure earlier this month.

How the Exploit Allegedly Worked

Initial analysis shared by security researcher Cos (@evilcos) suggests the attacker abused Aztec’s “Escape Hatch” mechanism within the RollupProcessor contract.

The feature was designed as a safety measure that allowed users to submit rollup proofs during specific windows if normal operations were interrupted. But researchers claim the attacker crafted proofs containing manipulated public output values, which were accepted by the verifier.

As a result, the contract allegedly released assets directly from its custodial reserves. The suspicious withdrawals included:

  • 1,158 ETH
  • 150,000 DAI
  • 0.46963295 renBTC

Blockchain security firm PeckShield later estimated total losses at approximately $2.16 million.

Growing Pressure on Cross-Chain Infrastructure

The incident highlights the continued challenges facing blockchain bridges and rollup infrastructure. While decentralized finance has matured significantly over recent years, bridges remain among the most frequently targeted attack vectors.

Security analysts noted that the financial damage is relatively modest compared to some historic bridge exploits. However, repeated vulnerabilities can have a broader impact on user confidence. Industry observers warn that trust often becomes the largest casualty following bridge attacks, especially when projects experience multiple security incidents within a short period.

Community Awaits Official Response

The Aztec Foundation and Aztec Labs have acknowledged the incident. They stated that they are investigating a potential exploit affecting a deprecated Aztec payments product launched in 2021.

According to their statements, the affected system is an immutable Stage 2 rollup that was sunset in 2022. It has been deprecated for four years and is not connected to the current Aztec network or the AZTEC ERC-20 token. The teams said they will provide further updates as the investigation continues.

The alleged attacker was reportedly funded through a wallet linked to crypto exchange HitBTC before executing the exploit, according to on-chain investigators. The event comes as the broader industry continues to prioritize security improvements following years of high-profile bridge hacks and protocol vulnerabilities.

As more details emerge, the latest Aztec exploit is expected to remain a closely watched story in crypto news today. It serves as another reminder that even sophisticated blockchain infrastructure requires continuous security reviews and rigorous auditing to protect user funds.
