Abracadabra suffers $6.5 million attack; team: user assets unaffected
The MIM stablecoin project Abracadabra was reportedly hacked yesterday due to a protocol logic flaw, resulting in a total loss of 6.5 million US dollars. The team has stated that the vulnerability has been temporarily addressed and they are attempting to communicate with the hacker, but there is no further information at this time.
Table of Contents
Abracadabra Hacked Due to Contract Logic Vulnerability
Incident Overview
According to PeckShield's analysis, attackers exploited a contract vulnerability yesterday to obtain 1,800 ETH and 2.2 million MIM from the Abracadabra contract. They then exchanged the MIM for ETH on exchanges like Curve and Uniswap, distributing the funds to two new wallets.
The estimated loss from this incident is around $6.5 million.
According to the initial investigation by the Abracadabra team, the vulnerability targeted specific Cauldrons V3 and V4, allowing unauthorized borrowing of MIM.
Abracadabra Team's Temporary Resolution
The Abracadabra team is actively investigating the hacker attack. Currently confirmed announcements include:
- User assets are not at risk.
- The vulnerability issue has been temporarily resolved: borrowing limits have been adjusted to zero to prevent further risks from expanding as a temporary solution.
- Assistance from partner Chainalysis: In addition to assisting with on-chain analysis and tracking, they will also attempt to collaborate with exchange partners to block funds.
- Hacker communication: The team has also sent on-chain messages to the hacker in an attempt to communicate and retrieve funds. Source
The team plans to release a more detailed analysis report in the future.
Abracadabra Current Status
As of the deadline, governance token SPELL has experienced a daily decrease of approximately 5%, with a price of around $0.0005.
Stablecoin MIM, which suffered a significant sell-off during the attack, dropped to around $0.75, but quickly recovered to above $0.95, currently maintaining a price above $0.98.
The project currently has a Total Value Locked (TVL) of $128 million, and there have been no significant impacts or fund outflows reported.
Related
- Dark web hackers selling 10 million pieces of Binance user data, Binance refutes: Completely false
- ZachXBT exposes North Korean hacker crime network, pretending to be a developer infiltrating teams to embezzle money: earning $500,000 per month
- Microsoft and CrowdStrike issue lead to the largest IT outage in history