Cascade, a Polychain-backed perpetuals platform, has informed users in its Discord that its main vault has been drained of over $1.3 million in $USDC.
It wrote, “Cascade detected a security exploit affecting our CLS vault, resulting in a loss of approximately $1.3M in user funds. We immediately paused all trading and withdrawals while we investigate.”
This admission comes after on-chain sleuths had spent months telling depositors to pull their money out of the platform.
The stolen funds came from the Cascade Liquidity Strategy vault, known as the CLS, according to blockchain security firm PeckShieldAlert.
The CLS holds pre-allocated deposits from an invite-only campaign Cascade called First Wave. Those deposits were locked until the platform’s public launch, which means the people who put money in had no way to get it out before the attacker struck.
The warnings came first
On-chain analyst Morsy, who posts as @morsyxbt, has been one of the voices that has been calling users to be wary of Cascade, calling it a “scam project” in an earlier investigation. He stated, “few days ago I reposted that tweet and warned to take your funds out.”
Now he says the result is that the “cascade team after 2 months of inactivity suddenly announced on their discord that they have been hacked for $1.3M.”
Another analyst, posting as @mztacat on X, had warned depositors on July 6, writing, “Careful out there with @cascade_xyz – If you’ve got funds in it, I suggest you withdraw.”
The account mentioned then that they had been hearing rumors of some exit. They also pointed out that the protocol had shared no update in over a month, with no activities from the admins as well.
On July 16, @mztacat is back like a prophet, stating that they warned “depositors twice about this Protocols when discovered they’re teams form Perennial and moving sketchy.”
Perennial was a DeFi derivatives protocol that raised $12.6 million in December 2022 with backing from Polychain, Variant, Archetype, and Coinbase.
A trader using the X handle @0xGwoni said he had recommended pulling funds from Cascade roughly ten days earlier, and that liquidity in the vault had since fallen by more than 95%.
Where did the Cascade funds go?
PeckShieldAlert traced a laundering route built to dodge a freeze. The attacker moved the 1.34 million $USDC on Arbitrum, then bridged it to Solana and routed it back to Ethereum through Relay Protocol, swapping into DAI along the way.
A project that had gone quiet
Cascade closed a $15 million seed round led by Polychain and Variant in December 2025 and had marketed itself as a “neo-brokerage” offering round-the-clock perpetual trading on crypto, commodities, and tokenized pre-IPO shares in companies like OpenAI, SpaceX, and Stripe.
Mainnet was targeted for the first quarter of 2026. Its final pre-allocation event, which opened an additional $5 million window, ran on January 21.
The team then went dark for almost two months, several of the analysts noted, before resurfacing to confirm the hack.
Exploit came a day after Ostium, another Arbitrum perpetuals platform, halted trading following an oracle-based attack that drained an estimated $18 million. They join a growing list of DeFi Vaults exploits in July alone. Some of the incidents are the Lazy Summer Protocol incident, which lost about $6.04 million on July 6, and Bonzo Finance on Hedera, which lost $9 million days later, among others.
Cascade stated that they have “engaged SEAL 911 and other third-party security teams and are actively working to secure the platform.” The team says that it will provide any updates as soon as more details arise.
en.cryptonomist.ch
u.today