Arcadia Finance, a decentralized finance (DeFi) platform running on the Base blockchain, experienced a significant security breach resulting in the theft of approximately $2.5 million in cryptocurrency.
The attack targeted the protocol’s Rebalancer contract, exploiting a vulnerability that allowed the attacker to supply arbitrary swapData parameters and execute unauthorized swaps that drained funds from user vaults.
The breach took place on Tuesday, July 15, 2025, at 04:05:58 UTC. According to blockchain security firm Cyvers, the attacker deployed a malicious contract and completed the exploit in under a minute. Following the theft, the stolen assets, which consisted mainly of 2.3 million USDC and around 227,000 USDS stablecoins, were converted into Wrapped Ethereum (WETH) on the Base network. The attacker then bridged the WETH to the Ethereum mainnet, fragmenting the trail by moving the funds through newly created intermediary Ethereum addresses.
🚨ALERT🚨 Today, our system has detected multiple suspicious transactions involving @ArcadiaFi on #Base with a loss of 2.5M.
The exploiter seems to use arbitrary “swapData” on their rebalancer contract to execute the exploit.
All the stolen funds swapped to $ETH and bridged from… pic.twitter.com/IWhB4KY7Vu
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) July 15, 2025
This fragmentation suggests the attacker aims to obscure the stolen tokens’ origins through complex transaction patterns, potentially using mixing services or decentralized exchanges (DEXs) to avoid detection. Cyvers has recommended that exchanges and bridges freeze transactions involving the flagged addresses to mitigate further losses.
In response, Arcadia Finance confirmed the exploit via a post on X (formerly Twitter), urging users to immediately revoke any asset manager permissions granted to Rebalancer contracts within its platform. The team reassured users that they are investigating the incident and will release more information soon.
This year has seen a rise in crypto thefts, with hacks and scams resulting in over $2.47 billion in losses in the first half of 2025, up 3% from the previous year. Users of Arcadia Finance are advised to stay updated on official communications and be cautious with permissions on DeFi platforms.
Following a $5 million white hat bounty offer from the GMX team, the hacker behind the $40 million breach of the GMX decentralized exchange (DEX) has begun returning the stolen funds. This represents a major step towards resolving one of the most significant recent DeFi exploits.