Arbitrum, an Ethereum L2 scaling solution, has recently undergone a staggering exploit. In this respect, the exploiter has drained a total of $395K from Arbitrum while targeting the Futureswap smart contract. As per the data from BlockSec Phalcon, the exploiter carried out a sequence of diverse operations, including $USDC transfers and flash loans. Hence, the respective exploit has raised fear among the users regarding further imminent losses.
ALERT! Our system detected a suspicious transaction targeting @futureswapx’s contract on #Arbitrum a few hours ago, resulting in an estimated loss of ~$395K. We have attempted to contact the team, but have not received a response so far.The attacker appears to have drained… pic.twitter.com/YPf4vYEqIJ
— BlockSec Phalcon (@Phalcon_xyz) January 10, 2026
Arbitrum Futureswap Exploit Steals $395K in $USDC via Flash Loans
Based on the on-chain data, a cumulative $395,000 has left Arbitrum in an exploit focusing on its Futureswap smart contract. Particularly, the incident comprised a complex series of diverse operations like $USDC transactions and flash loans. Additionally, the exploit seems to have utilized diverse “changePosition” calls, finally enabling the exploiter to extract a notable $USDC amount.
The transfer trace started with the attacker’s “flashLoanSimple” call, requesting 500B $USDC units to Pool V3 of Aave. This triggered a sequence of different delegate calls via “FlashLoanLogic” and “L2PoolInstance.” Hence, this transferred the funds to the exploiter’s contract. Following that, the attacker executed the “executeOperation” call, getting the $USDC loan, apart from a premium of nearly 250M units. The respective exploit has reportedly stemmed from some unexpected shifts in “stableBalance” accounting that took place during former position updates.
Incident Highlights Need for Solid DeFi Protections and Transparency
According to BlockSec Phalcon, the respective flaw may have permitted the exploiter to circumvent collateral restrictions as well as extract $USDC while removing positions. At the moment, the Futureswap team is anticipated to release a public statement addressing the incident. The development highlights the significance of strict accounting protections and transparent contract infrastructure in DeFi platforms. Overall, the investigations are underway to come up with suitable updates for likely remedies.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Articoli correlati
Circle under fire after $285 million Drift hack over inaction to freeze stolen USDC
After the $285 million Drift hack, the focus is shifting to Circle (CRCL) and whether it could have done more to stop the money.
The attacker siphoned off roughly $71 million in USDC as part of the exploit Wednesday, according to blockchain security firm PeckShield. After converting most of the
CoinDesk17h fa
Circle Mints Over $10B USDC on Solana in One Month
Circle has significantly increased USD Coin (USDC) minting on Solana, totaling over $10.25 billion recently. This surge indicates strong demand linked to crypto trading and DeFi growth, positioning Solana as a key player for stablecoin activity.
Coinfomania04-04 07:29
Circle Destroys 250M USDC on Solana, Monthly Total Reaches 10.25B
Gate News message, Circle destroyed another 250 million USDC four hours ago. Over the past month, Circle has destroyed a total of 10.25 billion USDC on Solana. According to Lookonchain's earlier report on April 3, 2026, Circle has been destroying 750 million USDC per day over the past four days, tot
GateNews04-04 00:30
Circle under fire after $285 million Drift hack over inaction to freeze stolen USDC
After the $285 million Drift hack, the focus is shifting to Circle (CRCL) and whether it could have done more to stop the money.
The attacker siphoned off roughly $71 million in USDC as part of the exploit Wednesday, according to blockchain security firm PeckShield. After converting most of the
CoinDesk04-03 19:21
Circle 遭控放任 4.2 億美元非法資金流動!ZachXBT 揭 USDC 合規漏洞引爆爭議
美國穩定幣公司 Circle 被指控未能有效凍結超過 4.2 億美元的可疑 USDC 資金。調查員 ZachXBT 指出,自 2022 年以來,Circle 在多起駭客事件中延誤了凍結行動,引發市場對其合規性的質疑。事件中的 Drift Protocol 攻擊更是令 Circle 批評成為焦點。市場呼籲 Circle 提高風險管理標準,隨後其合規執行延誤已對用戶造成嚴重損失。
ChainNewsAbmedia04-03 16:44
