Abracadabra Finance Loses $13M in MIM Stablecoins After Smart Contract Exploit

Abracadabra Finance, a decentralized finance (DeFi) platform, recently confirmed a significant security breach targeting its gm cauldrons products. The hack resulted in a substantial loss of 13 million MIM stablecoins. The incident was first identified by blockchain security firm Cyvers, which reported that the attack led to the theft of 6,262 ETH, valued at approximately $12.9 million. The attacker swiftly bridged the stolen ETH to the Ethereum network and distributed the funds across three newly generated wallets.

The platform acknowledged the exploit on March 25, stating that the attack targeted its gmCauldron smart contracts. These contracts had undergone audits by Guardian Audits, the same team responsible for reviewing GMX’s core infrastructure. Despite additional security measures, including integrations with Hexagate and ZeroShadow’s threat-tracking system, the exploit went undetected until several transactions had been completed. ZeroShadow eventually identified the irregular activity, prompting Abracadabra to suspend all borrowing functions tied to the impacted contracts.

The platform emphasized that no user collateral was compromised, but its internal teams are still assessing the full scope of the breach. In an effort to recover the stolen funds, Abracadabra offered a 20% bug bounty to the hacker, encouraging negotiations for the return of the assets. The platform provided contact details for the hacker to reach out, either through direct communication or on-chain to their treasury address on ETH.

Despite initial concerns that the incident might impact GMX’s platform, the decentralized exchange (DEX) clarified that its smart contracts remained untouched. GMX stated that the exploit was isolated to Abracadabra’s cauldrons, which support borrowing against GM liquidity tokens. The protocol, along with contributors from Spell, GMX, and security researchers, is currently investigating the cause of the issue.

The attack on Abracadabra Finance highlights the ongoing challenges faced by DeFi platforms in securing their smart contracts and protecting user assets. The incident serves as a reminder of the importance of robust security measures and continuous monitoring to prevent such exploits. As the investigation into the breach continues, Abracadabra Finance remains committed to recovering the stolen funds and enhancing its security protocols to prevent future incidents.