Blockaid detects $6M exploit on Summer.fi platform

1 hour ago 1



On July 6, blockchain security firm Blockaid flagged an active exploit targeting Summer.fi, with approximately $6 million in DAI drained from the platform’s contracts on Ethereum.

What the on-chain data shows

Blockaid identified three affected contracts on Ethereum: 0x98C49e13bf99D7CAd8069faa2A370933EC9EcF17, 0xA9ca4909700505585B1aD2a1579dA3b670FFA9c4, and 0xE9cDA459bED6dcfb8AC61CD8cE08E2D52370cB06.

The exploiter’s address, 0x7BF716167B48CF527725722C6d79494b45B3BDCa, and an example transaction hash, 0x0db528c44f23fc7fa4544684a2fab81096450a14aae8bc89f42cd0592d43da12, were both published, giving independent researchers an immediate starting point to trace fund flows.

Summer.fi had not issued a comprehensive public response at the time Blockaid published its findings.

What Summer.fi actually is

Summer.fi originally launched as Oasis.app in 2019 as a platform for MakerDAO users, enabling management of DAI borrowing and vault functionalities. It rebranded to Summer.fi around 2023, expanding its focus beyond MakerDAO to include multiple DeFi protocols such as Aave and Morpho. Early in 2026, the platform shifted its focus toward the Lazy Summer Protocol, positioning itself as an AI-powered, automated yield optimization layer operating as a non-custodial, permissionless vault solution aimed at institutional-grade yield infrastructure.

No prior major exploits involving Summer.fi appear in available records, which makes this incident a first for the platform’s security track record.

Blockaid’s role

Blockaid’s detection system identified the attack in real time, surfacing the exploiter’s wallet address, the affected contracts, and an example transaction hash on-chain. The firm has flagged exploits across multiple DeFi protocols before, building a reputation as one of the more reliable early warning systems in the ecosystem.

What this means for DeFi investors

Platforms similar to Summer.fi, those that route user capital across multiple protocols automatically, carry compounded smart contract risk. Each protocol in the routing chain is a potential attack surface. The more complex the automation layer, the wider that surface becomes.

Disclosure: This article was edited by Editorial Team. For more information on how we create and review content, see our Editorial Policy.

Read Entire Article