DeFi Exploit: Hacker Drains $12M from Cork Protocol in Ethereum Swap Heist
Another day, another crypto protocol left scrambling. This time, Cork Protocol joins the hall of shame after an attacker swiped $12 million—conveniently swapped to Ethereum, because even hackers prefer liquidity.
How’d they pull it off? Details are scarce, but the old playbook likely applies: find a flaw, exploit it, and vanish before the auditors wake up. Classic DeFi ‘innovation’—where the only thing being disrupted is your fund’s security.
Meanwhile, Ethereum’s chain keeps chugging along, unfazed. After all, gas fees don’t discriminate between honest trades and exit scams.
Hacker Swaps $12M to Ethereum, Source: X
The threat was initially detected by blockchain security company Cyvers Alerts, which identified the malicious activity as it happened on May 28, 2025. The hacker’s wallet was funded by another wallet address, 0x4771.762B, believed to be associated with a crypto service provider. Only 16 minutes and 45 seconds after the contract was deployed, the hacker was able to successfully exploit it.
The hacker was able to steal 3,761.87 wstETH that was later rapidly converted into ETH. As of reporting, the funds stolen are yet to be transferred to any other wallet addresses.
After the incident, Cork Protocol released a statement that it is currently looking into the exploit and has suspended all contracts to avoid any further loss. The team had guaranteed the community that further updates WOULD be revealed as circumstances unfolded.
Also Read: solana DeFi Protocol Suffers $5.8M Exploit Weeks After Launch
