{"id":32343,"date":"2026-06-18T13:24:27","date_gmt":"2026-06-18T13:24:27","guid":{"rendered":"https:\/\/bitunikey.com\/news\/aztec-probes-2m-transfer-from-old-payments-product\/"},"modified":"2026-06-18T13:24:31","modified_gmt":"2026-06-18T13:24:31","slug":"aztec-probes-2m-transfer-from-old-payments-product","status":"publish","type":"post","link":"https:\/\/bitunikey.com\/news\/aztec-probes-2m-transfer-from-old-payments-product\/","title":{"rendered":"Aztec probes $2m transfer from old payments product"},"content":{"rendered":"<p><\/p>\n<div class=\"post-detail__content blocks\">\n<p class=\"is-style-lead\">Aztec Labs said it is investigating a potential exploit affecting a deprecated Aztec payments product from 2021. <\/p>\n<div id=\"cn-block-summary-block_7e38ed1d59fd254befeaaa7bd019cd09\" class=\"cn-block-summary\">\n<div class=\"cn-block-summary__nav tabs\">\n        <span class=\"tabs__item is-selected\">Summary<\/span>\n    <\/div>\n<div class=\"cn-block-summary__content\">\n<ul class=\"wp-block-list\">\n<li>Aztec Labs says about $2m moved from a deprecated 2021 payments product contract on Ethereum.<\/li>\n<li>The Aztec Foundation says current contracts and AZTEC ERC20 token are unrelated to this incident.<\/li>\n<li>The new probe follows a separate Aztec Connect exploit reported only days earlier this week.<\/li>\n<\/ul><\/div>\n<\/div>\n<p><!-- .cn-block-summary --><\/p>\n<p>In an <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/x.com\/AztecLabs_\/status\/2067511785637163354?s=20\" target=\"_blank\" rel=\"nofollow\">Aztec Labs post<\/a>, the team said about $2 million was transferred from an immutable smart contract in an <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/etherscan.io\/tx\/0xab306cd2184d23b6ba3e151b10b3b9a0b81f211cc16f4f3b0c79f0b17a59c2b5\" target=\"_blank\" rel=\"nofollow\">Etherscan transaction<\/a> on June 17.<\/p>\n<p>The company said the affected product was an \u201cimmutable stage 2 rollup\u201d that was sunset in 2022. It also said Aztec Labs holds no admin keys or control over the system, meaning it cannot pause or upgrade the old contract.<\/p>\n<p>    <!-- .cn-block-related-link --><\/p>\n<h2 class=\"wp-block-heading\"><strong>Foundation says current network is separate<\/strong><\/h2>\n<p>The Aztec Foundation said it was made aware of the possible exploit on June 17. In a <a rel=\"nofollow\" target=\"_blank\" href=\"https:\/\/x.com\/aztecFND\/status\/2067511967237939636?s=20\" target=\"_blank\" rel=\"nofollow\">Foundation post<\/a>, it said there are \u201cno links\u201d between the deprecated product and any smart contracts tied to the current network or the AZTEC ERC20 token.<\/p>\n<figure class=\"wp-block-embed is-type-rich is-provider-x wp-block-embed-x\">\n<div class=\"wp-block-embed__wrapper\">\n<blockquote class=\"twitter-tweet\" data-width=\"550\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">The Aztec Foundation was made aware of a potential exploit targeting a deprecated product which occurred on June 17, 2026. There are no links between this product and any smart contracts related to the current network or the AZTEC ERC20 token.<\/p>\n<p>The product was deprecated 4 years\u2026 <a rel=\"nofollow\" target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/t.co\/kANaIuw8HF\">https:\/\/t.co\/kANaIuw8HF<\/a><\/p>\n<p>\u2014 Aztec Foundation (@aztecFND) <a rel=\"nofollow\" target=\"_blank\" rel=\"nofollow\" href=\"https:\/\/x.com\/aztecFND\/status\/2067511967237939636?ref_src=twsrc%5Etfw\">June 18, 2026<\/a><\/p><\/blockquote>\n<\/div>\n<\/figure>\n<p>The foundation also said the product was deprecated four years ago and that Aztec Labs no longer controls the system. It directed users to Aztec Labs for updates as the team reviews the transaction and the affected contract.<\/p>\n<h2 class=\"wp-block-heading\"><strong>Second old-product incident in days<\/strong><\/h2>\n<p>Aztec Labs said the latest case is separate from the June 14 exploit involving Aztec Connect, another deprecated product. As previously reported by crypto.news, Aztec Connect lost $2.1 million after an old immutable smart contract was exploited.<\/p>\n<p>According to an earlier crypto.news report, the Aztec Connect attack involved a verification mismatch that let unbacked balances move through Ethereum settlement records. Security firms later traced the issue to an old RollupProcessorV3 contract.<\/p>\n<h2 class=\"wp-block-heading\"><strong>Old immutable contracts remain a risk<\/strong><\/h2>\n<p>The new case again points to a problem facing discontinued DeFi products. Even after a product shuts down, its contracts can remain live on Ethereum. If funds stay inside immutable contracts, attackers may still look for paths to move them.<\/p>\n<p>That creates a hard response problem. A live team may be able to warn users and track funds, but it may not be able to stop an old contract that has no admin controls. Aztec Labs said it will share further updates \u201cin due course.\u201d<\/p>\n<p>For now, Aztec Labs and the Aztec Foundation are drawing a clear line between the old payments product and the current network. The main claim from both groups is that the incident concerns a deprecated system, not the active Aztec network or the AZTEC token.<\/p>\n<p>    <!-- .cn-block-related-link --><\/p><\/div>\n","protected":false},"excerpt":{"rendered":"<p>Aztec Labs said it is investigating a potential exploit affecting a deprecated Aztec payments product from 2021. Summary Aztec Labs says about $2m moved from a deprecated 2021 payments product&hellip;<\/p>\n","protected":false},"author":1,"featured_media":29669,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-32343","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cryptocurrency"],"_links":{"self":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/32343","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/comments?post=32343"}],"version-history":[{"count":1,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/32343\/revisions"}],"predecessor-version":[{"id":32344,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/posts\/32343\/revisions\/32344"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media\/29669"}],"wp:attachment":[{"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/media?parent=32343"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/categories?post=32343"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitunikey.com\/news\/wp-json\/wp\/v2\/tags?post=32343"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}