DeFi Hack Alert: Aperture Finance Smart Contract Exploit Suffers $3.67M Loss

2 hours ago 421

SagaEVM Chain Pauses After $7 Million Exploit

The post DeFi Hack Alert: Aperture Finance Smart Contract Exploit Suffers $3.67M Loss appeared first on Coinpedia Fintech News

DeFi platform Aperture Finance has suffered a major security breach, losing about $3.67 million in a smart contract exploit. Blockchain security firm PeckShieldAlert shows the hacker is actively moving stolen funds through Tornado Cash, a privacy-mixing service.

The activity has raised new concerns about fund recovery and how the actual hack happened.

How The Aperture Finance Exploit Happened

According to PeckShieldAlert, the Aperture Finance hack happened on January 25, 2026, due to a weakness in its V3 and V4 smart contracts, combined with existing user token approvals.

In DeFi platforms, users often permit contracts to move their ERC-20 tokens or liquidity position NFTs so trades and strategies can run automatically. But in this case, the exploiter found a flaw in how the contract handled those permissions and function calls.

Instead of breaking wallets or stealing private keys, the attacker used the contract’s own logic to trigger unauthorized asset transfers.

Because many users had already granted approvals, the attacker could move funds without needing new signatures. This allowed them to drain assets tied to approved tokens and liquidity positions.

Funds Moved to Tornado Cash After Hack

And all this led to the extraction of $3.67 million in value, the attacker converted a large share into ETH, and sent about 1,242 ETH to Tornado Cash to hide the trail.

Attackers often use mixing services like Tornado Cash to hide the origin of stolen crypto and make tracking more difficult. The funds were sent in multiple small transactions, including batches of 10 ETH and 100 ETH, a common method used to avoid attention.

Users Asked to Revoke Token and NFT Approvals

Following the exploit, the Aperture Finance team released an emergency notice and shared a list of affected contract addresses. And also warned users to urgently revoke both ERC-20 token approvals and ERC-721 liquidity position approvals tied to the risky addresses.

Affected Contract List

Please cross-reference your ERC-20 and liquidity position (ERC-721) approvals against the addresses listed in the image below. All such approvals to these addresses should be revoked. pic.twitter.com/Sn1BJ8fh92

— Aperture Finance (@ApertureFinance) January 27, 2026

Wallet approvals allow smart contracts to move user funds, and if left active, they can be abused after a contract is compromised.

Read Entire Article