Decentralized-finance protocol 0VIX has lost roughly $2 million in a flash-loan exploit, according to on-chain data on Polygon's block explorer.
A total of 1.45 million USDC, along with other tokens, was stolen before being bridged to the Ethereum mainnet on Stargate Finance, where it was eventually swapped for ether (ETH).
The protocol had $6.4 million in total value locked before the exploit. That figure has now slumped to $1.7 million as investors rapidly withdrew their capital.
This is the latest in a series of crypto exploits, with ZkSync-based decentralized exchange Merlin suffering a $2 million rug pull on Wednesday.
0VIX confirmed the attack on Twitter, stating that it is "working with its security partners to look into the current situation."
"Only POS has been currently affected but zkEVM has been paused as a precaution and will likely be enabled shortly again," it added.
Read more: DEX Merlin and CertiK Plan to Compensate $2M to Users Impacted in Rug Pull