Hacker Exploits Smart Contracts Vulnerability, Steals $13 Million in Ethereum
25.03.2025 20:15 1 min. read Alexander Stefanov
A security flaw in Abracadabra’s smart contracts has led to a major exploit, with a hacker draining around 6,262 ETH—valued at roughly $13 million—from the protocol’s liquidity pools.
The attack, identified as a flash loan exploit, was initially flagged by blockchain security firm PeckShield.
Abracadabra’s lending system, known as “cauldrons,” integrates with GMX liquidity pools to facilitate borrowing and lending. The hacker reportedly manipulated the liquidation process in the GMX V2 integration, exploiting a weakness that allowed them to extract funds from the protocol.
Blockchain researcher Weilin Li analyzed the incident, noting that the attacker used a flash loan to trigger self-liquidation. Flash loans, a DeFi feature allowing users to borrow funds without collateral as long as they are repaid within the same transaction block, played a key role in the exploit.
The attacker borrowed Abracadabra’s stablecoin, Magic Internet Money (MIM), and executed a multi-step strategy to convert the debt into cash, profiting from liquidation incentives.
Despite the breach, a GMX developer confirmed that the attack did not compromise GMX’s core contracts. The stolen funds were later transferred from Arbitrum to Ethereum.
This isn’t the first security incident for Abracadabra. In January 2024, another exploit targeting its MIM stablecoin led to a $6.5 million loss, raising concerns over the protocol’s ongoing vulnerabilities.
-
1
Crypto Users Targeted in New Sophisticated Wallet Scam
17.03.2025 17:00 2 min. read -
2
New Microsoft Discovery Reveals Malware Targeting Cryptocurrency Wallets on Chrome
20.03.2025 13:00 2 min. read -
3
Crypto Platform Faces $8.4 Million Loss After Exploit Compromises Admin Privileges
22.03.2025 10:00 1 min. read -
4
Bithumb Under Investigation in South Korea for Alleged Misuse of Company Funds
20.03.2025 14:00 1 min. read -
5
Interpol Fugitive May Be Tied to New Crypto Scheme
16.03.2025 20:00 2 min. read
Five Arrested in India for $700K Crypto Fraud Scheme
Indian authorities recently apprehended five individuals, including one woman, involved in a sophisticated crypto scam that defrauded a businessman of nearly $700,000.
Crypto Influencer BitBoy Arrested on Serious Charges in Florida
Ben Armstrong, known in the crypto community as BitBoy, has recently been arrested in Florida, creating waves throughout the digital currency space.
U.S. Authorities Retrieve $7M in Crypto Fraud Case, Highlighting Ongoing Scam Issues
Cryptocurrency scams are becoming an increasing threat as the market grows, with fraudsters creating fake platforms to lure unsuspecting investors.
Crypto Platform Faces $8.4 Million Loss After Exploit Compromises Admin Privileges
Zoth, a platform specializing in re-staking real-world assets (RWA), has suffered a significant security breach, resulting in the theft of over $8.4 million in crypto.
-
1
Crypto Users Targeted in New Sophisticated Wallet Scam
17.03.2025 17:00 2 min. read -
2
New Microsoft Discovery Reveals Malware Targeting Cryptocurrency Wallets on Chrome
20.03.2025 13:00 2 min. read -
3
Crypto Platform Faces $8.4 Million Loss After Exploit Compromises Admin Privileges
22.03.2025 10:00 1 min. read -
4
Bithumb Under Investigation in South Korea for Alleged Misuse of Company Funds
20.03.2025 14:00 1 min. read -
5
Interpol Fugitive May Be Tied to New Crypto Scheme
16.03.2025 20:00 2 min. read
