Decentralized credit platform Abracadabra.money is under attack again: this is the second hack in a year, during which hackers withdrew cryptocurrencies for more than 6,000 ETH, which at the time of the attack corresponded to more than $ 13 million
Representatives of the project confirmed the fact of the hack on social networks. According to preliminary data, the attackers used a vulnerability in one of the credit systems, which is associated with the “cauldrons” – a liquidity pool operating with GMX. At the same time, GMX emphasized that its smart contracts remain protected.
After the Zeroshadow security team reported suspicious activity, Abracadabra promptly suspended all borrowing functions and launched an internal investigation. According to their statements, user security was not affected. In the meantime, the hacker transferred tokens from Arbitrum to the Ethereum network and placed them in three separate wallets. The project offered him a 20% reward to get some of the funds back.
This is the second attack on Abracadabra in the last 14 months: in January 2024, the platform lost $6.5 million due to another vulnerability in smart contracts. Abracadabra operates on the basis of the inflationary stablecoin Magic Internet Money (MIM), which users create using collateral in the form of interest-bearing tokens.
Despite various protection systems, DeFi projects remain vulnerable to well-planned attacks. Abracadabra, although it reacted quickly, lost not only funds, but also trust. This incident once again calls into question security in decentralized finance and proves once again: smart contracts require not only code, but also strategic security.
119 
109 
128 