On June 17, 2025, Meta Pool, a liquid staking platform on the Ethereum Network, suffered an exploit that It resulted in the subtraction of approximately 52.5 Ether (ETH) of its liquidity exchange pools (approximately 132 thousand dollars).
The attack, detected by security researchers and content by the Meta Pool development team, He presented vulnerabilities in his token mpeth contractused to facilitate liquid staking in Ethereum. At the moment, the Mpeth contract will be suspended “while the necessary research and mitigation measures are carried out.” That is, transfers are disabled.
The exploit involved the unauthorized creation of 9,705 tokens Mpeth, an asset that represents Ether bet on the finishing platform Pool.
According to him report Preliminary of the company, the attack was carried out through the function MINT (print) of the standard ERC-4626a protocol that defines how smart contracts manage deposited assets, as in the case of liquid staking.
This mechanism allows users deposit Ether in a contract and receive tokens They represent their participation, which can be negotiated or used in other decentralized finance applications (DEFI) without the need to withdraw the original funds.
In the case of Meta Pool, the function MINTwhich should be protected against unauthorized accesses, It was manipulated to generate MPETH without depositing the corresponding ether.
Meta Pool team, in collaboration with Blocksec security firm, achieved contain the attack And he assured that Staking Funds, delegates to operators of the SSV Network network, remain intact. These operators are responsible for validating blocks in the Ethereum main network, generating staking rewards that benefit the users of the platform.
Additionally, from the company they pointed out that “all users affected by this exploit will be completely compensated and reimburse the assets lost by this incident.”
Ultimately, Meta Pool has promised to publish a full report (post-mortem) In the next 48 hours, detailing the causes of the exploit and the measures to prevent future incidents.
