incident<\/a> <\/strong>comes just over a year after a previous attack drained $4.3 million via its cross-chain bridge.<\/p>\nInitial reports of suspicious activity began surfacing on social media, prompting the ALEX team to confirm a \u201csecurity incident.\u201d The project later followed up with a detailed post-mortem, while the official website remains offline for maintenance.<\/p>\n
The exploit stemmed from a flaw in how failed transactions were handled on the Stacks network. The attacker reportedly manipulated the protocol\u2019s inability to properly verify transaction failures, using rejected data to falsely authorize fund withdrawals.<\/p>\n
Crypto security firm QuillAudits pegged the damage at around $14 million. Among the stolen assets were 63.5 units of wrapped Bitcoin variants (aBTC and sBTC). The incident also rattled the broader Stacks ecosystem, with the price of ALEX plunging over 50% and STX\u2014the network\u2019s native token\u2014dropping around 10%.<\/p>\n
Confusion briefly surrounded the peg stability of sBTC after data feeds showed a deviation in price. However, a Stacks spokesperson clarified that the token remains on-peg when using official oracle data.<\/p>\n
While the attack was isolated to ALEX, other projects in the Stacks ecosystem responded swiftly. Pontis paused its bridge to safeguard liquidity, and Bitflow removed the affected liquidity pools to prevent further risk.<\/p>\n
This isn\u2019t ALEX\u2019s first encounter with a critical vulnerability. In May last year, $4.3 million was drained from its XLink bridge, a breach believed to be tied to a compromised private key. Following that incident, the team implemented various security upgrades and migrated critical contracts\u2014but clearly, those measures weren\u2019t enough to prevent this far more damaging exploit.<\/p>\n","protected":false},"excerpt":{"rendered":"
ALEX Protocol, a DeFi platform built on Bitcoin\u2019s Stacks layer, has suffered a second major breach\u2014this time resulting in an estimated $14 million loss.<\/p>\n","protected":false},"author":3,"featured_media":28158,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_lmt_disableupdate":"","_lmt_disable":"","footnotes":""},"categories":[26],"tags":[],"class_list":["post-159352","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptocrime"],"acf":[],"yoast_head":"\n
$14M Vanishes in Fresh Attack on Bitcoin-Based DeFi Protocol<\/title>\n \n \n \n \n \n \n \n \n \n \n\t \n\t \n\t \n \n \n \n \n\t \n\t \n\t \n