🚨 Aperture Finance Security Breach Requires Immediate User Action

🔐 Revoke approvals now

By Aperture Finance
Jan 30, 2026, 12:04 PM
twitter

Aperture Finance has confirmed a security exploit affecting its V3/V4 contracts across multiple DeFi platforms.​

Immediate Actions Required:

  • Users who utilized Instant Liquidity features on Uniswap V3/V4, PancakeSwap V3/Infinity, or Aerodrome/Velodrome through Aperture must revoke contract approvals immediately
  • Visit revoke.​cash to verify and revoke approvals
  • Priority revocation needed for Ethereum mainnet contract: 0xD83d960deBEC397fB149b51F8F37DD3B5CFA8913

Platform Response:

  • Core features disabled on frontend to prevent new approvals
  • Security partners engaged to investigate root cause
  • Full list of affected contract addresses provided
  • Post-mortem analysis pending

The team is working with security experts to determine the exploit's scope and prevent further exposure.​

Sources
Read more about Aperture Finance

Aperture Finance Exploit Traced to Proxy Module Vulnerability

Aperture Finance identified the technical root cause of a recent security exploit. The attack targeted a **peripheral proxy contract** used for liquidity aggregation, not the core system. **Key Details:** - Attacker exploited an input validation bypass - Malicious calldata was injected through the vulnerability - The breach was **isolated to the proxy module only** - Core liquidity management engine remains secure and unaffected This contrasts with earlier speculation from November 2024 that suggested oracle price manipulation as the attack vector. The actual exploit proved to be a more targeted vulnerability in the aggregation proxy layer. The isolation of the vulnerability to a peripheral component suggests the platform's core architecture maintained its security integrity during the incident.

Aperture Finance Disables Web App After Security Incident, Launches Fund Recovery Effort

**Aperture Finance has taken immediate action following a security incident:** - All affected web application functionalities have been **completely disabled** to contain the situation - The team is collaborating with **top-tier forensic security firms** to investigate the breach - **Law enforcement coordination** is underway to trace the movement of affected funds - Recovery channels are being established to **negotiate the return of funds** The platform remains in containment mode while the investigation continues.

Aperture Finance Security Alert: Instant Liquidity Management Users Must Revoke Approvals

**Security Issue Identified** Aperture Finance has identified a vulnerability affecting users who authorized approvals for "Instant Liquidity Management" features on V4-ready contracts. These features include: - Minting - Adding Liquidity - Reinvesting **Who Is Affected** Users who utilized Instant Liquidity features on: - Uniswap V3/V4 - PancakeSwap V3/Infinity - Aerodrome/Velodrome **Who Is Safe** Users of Automation Strategies are **NOT at risk**, including: - Auto-Rebalance - Prescheduled Position Close - Auto-Compound - Limit Order The core automation infrastructure operates on a separate, unaffected architecture. **Immediate Action Required** If you used the affected Instant Liquidity features: 1. Visit [revoke.cash](http://revoke.cash) immediately 2. Verify and revoke approvals for the affected contracts 3. Check the full list of affected contract addresses in the original announcement *Protect your assets by taking action now.*

🔒 Aperture Finance Security Breach Contained

Aperture Finance disclosed a **targeted security incident** on January 25, 2026, involving a vulnerability in a helper module. **Key Details:** - The exploit has been **fully contained** - Forensic analysis is currently underway - Team has released an impact scope and immediate action plan The platform is working to assess the full extent of the breach and implement necessary security measures. Users should monitor official channels for updates on the investigation and any required actions.