The Wasabi Protocol hack drained more than $5 million across several blockchains early Thursday. Security firms said the breach involved a compromised deployer EOA admin key. The attacker used that access to upgrade contracts and move funds from multiple networks.
PeckShieldAlert reported the incident on X. The firm said Wasabi Protocol is exploited for more than $5 million across Ethereum, Base, Berachain, and Blast.
Investigators associated the activity with a single address having administrative authority over the contracts of the protocol. The address used privileged access to change contract behavior and extract assets.
Also Read: Arbitrum Freezes $71M ETH After Kelp DAO Bridge Hack
Wasabi Protocol Hack Hits Vaults and Pools
The exploit is also identified by Hypernative at 07:48 UTC. The company sent high-severity warnings following the detection of suspicious activity on the systems of Wasabi.
The Wasabi Protocol hack took approximately two hours, Hypernative said. It further stated that a number of vaults and liquidity pools in three chains were impacted by the attack.
The deployer key is employed by the attacker to give a malicious contract ADMIN_ROLE. That action enabled the attacker to carry out transactions on a number of WasabiVault proxies.
Other transactions redirected collateral through strategy deposit calls. The attacker also upgraded the WasabiLongPool contract to a malicious implementation.
Similar findings were reported by Blockaid after examining the exploit path. The company reported that the Wasabi deployer EOA had been issued ADMIN_ROLE and subsequently UUPS-upgraded the perp vaults and the LongPool.
The stolen funds were subsequently converted into ETH. These were then spread in various addresses, with some transactions being associated with Tornado Cash.
The biggest single loss amounted to approximately 840.9 WETH. That amount is worth more than $1.9 million at the time of the incident.
Wasabi Hack Hits Multiple Assets
SUSDC, PEPE, MOG, NEIRO, and cbBTC were other affected assets. As per the DeFiLlama data, the total value of Wasabi is around $8.5 million prior to the exploit.
Security reports indicated that the Wasabi Protocol breach is not due to a smart contract bug. The breach related to a weakened private key having administrative access.
That key enabled the attacker to make use of upgradeable proxy contracts. The access facilitated unauthorized upgrades and money transfers across the affected systems.
Wasabi Protocol acknowledged the issue in a public post. The team claimed that it is also under investigation and requested users to stay off Wasabi contracts.
The protocol also indicated that it would release more information as it became available. Users had been advised to withdraw approvals and not to sign any other Wasabi-related transactions.
Following the incident, Virtual Protocol froze margin deposits associated with Wasabi integrations. The team reported that its systems were not vulnerable.
The Wasabi Protocol hack contributes to a rough month in DeFi. April exploits have stolen over $606 million and included Drift Protocol and KelpDAO exploits.
This article contains market analysis and price predictions. These are not guarantees. Crypto markets are volatile. Always DYOR. Not financial advice.
Also Read: FBI Busts 276 in Global Crypto Pig Butchering Scam Sweep 2026
