Wasabi Protocol: Security Incident Update; User Reimbursement Plan Still Pending
Wasabi Protocol released a new update on its recent security breach, saying attackers leveraged a misconfigured Spring Boot Actuator component in its AWS environment to obtain private keys used to control EVM smart contracts.
The team estimates losses at roughly $4.8 million in user funds and about $900,000 from the protocol treasury, bringing the total impact to around $5.7 million.
According to the disclosure, the incident began with an analysis server exposed to the public internet. Its Actuator heap dump endpoint lacked proper password protection, enabling attackers to extract credentials for another server and ultimately take control of the smart-contract private keys.
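A property-level check for the exposure described above, as an added example that is not Wasabi's code or part of the disclosure: it flags Spring Boot settings that leave the Actuator heapdump endpoint reachable over HTTP. The property names are Spring Boot's own; the two sample files are constructed, and authentication (configured separately, for example with Spring Security) is not checked.

```python
# Added example: audit application.properties text for a web-exposed heapdump endpoint.
# Sample files are constructed; authentication rules are out of scope for this check.
LOOPBACK = {"127.0.0.1", "localhost", "::1"}

def parse_properties(text):
    """Parse simple key=value lines, skipping blanks and comments."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith(("#", "!")) and "=" in line:
            key, value = line.split("=", 1)
            props[key.strip()] = value.strip()
    return props

def _ids(value):
    return {v.strip().lower() for v in value.split(",") if v.strip()}

def audit_heapdump(text):
    """Return findings; an empty list means heapdump is not served over HTTP."""
    p = parse_properties(text)
    include = _ids(p.get("management.endpoints.web.exposure.include", "health"))
    exclude = _ids(p.get("management.endpoints.web.exposure.exclude", ""))
    # An exclude entry takes precedence over include.
    exposed = bool({"*", "heapdump"} & include) and not ({"*", "heapdump"} & exclude)
    # Conservative assumption: enabled unless explicitly switched off, via the
    # older 'enabled' flag or the newer 'access' property.
    disabled = (p.get("management.endpoint.heapdump.enabled", "true").lower() == "false"
                or p.get("management.endpoint.heapdump.access", "").lower() == "none")
    if not exposed or disabled:
        return []
    findings = ["heapdump endpoint is exposed over HTTP"]
    # management.server.address only applies with a separate management port.
    on_loopback = ("management.server.port" in p
                   and p.get("management.server.address", "") in LOOPBACK)
    if not on_loopback:
        findings.append("management endpoints are not bound to loopback")
    return findings

WEAK = "server.port=8080\nmanagement.endpoints.web.exposure.include=*\n"
HARDENED = ("management.endpoints.web.exposure.include=health,info\n"
            "management.endpoint.heapdump.enabled=false\n"
            "management.server.port=9001\n"
            "management.server.address=127.0.0.1\n")

if __name__ == "__main__":
    for name, sample in (("weak", WEAK), ("hardened", HARDENED)):
        print(name, audit_heapdump(sample) or "ok")
```

A heap dump contains whatever the JVM held in memory at the time, so any credentials loaded by the application should be treated as exposed and rotated when this check fires on an internet-facing host.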
The breach was limited to EVM deployments, including certain treasuries on Ethereum, Base, Blast, and Berachain. Solana deployments and Prop AMM were not affected.
Wasabi said it has not made a final decision on user compensation, while reiterating that "ensuring all affected users are compensated" remains its top priority. Additional investigation updates will be posted in the project's Discord community.