Hacker Exploits Smart Contracts Vulnerability, Steals $13 Million in Ethereum
25.03.2025 20:15 1 min. read Alexander Stefanov
A security flaw in Abracadabra’s smart contracts has led to a major exploit, with a hacker draining around 6,262 ETH—valued at roughly $13 million—from the protocol’s liquidity pools.
The attack, identified as a flash loan exploit, was initially flagged by blockchain security firm PeckShield.
Abracadabra’s lending system, known as “cauldrons,” integrates with GMX liquidity pools to facilitate borrowing and lending. The hacker reportedly manipulated the liquidation process in the GMX V2 integration, exploiting a weakness that allowed them to extract funds from the protocol.
Blockchain researcher Weilin Li analyzed the incident, noting that the attacker used a flash loan to trigger self-liquidation. Flash loans, a DeFi feature allowing users to borrow funds without collateral as long as they are repaid within the same transaction block, played a key role in the exploit.
The attacker borrowed Abracadabra’s stablecoin, Magic Internet Money (MIM), and executed a multi-step strategy to convert the debt into cash, profiting from liquidation incentives.
Despite the breach, a GMX developer confirmed that the attack did not compromise GMX’s core contracts. The stolen funds were later transferred from Arbitrum to Ethereum.
This isn’t the first security incident for Abracadabra. In January 2024, another exploit targeting its MIM stablecoin led to a $6.5 million loss, raising concerns over the protocol’s ongoing vulnerabilities.
-
1
US Treasury Sanctions Iran-Backed Rebel Network Over Crypto Transactions and Arms Supply
05.04.2025 15:00 2 min. read -
2
Bloomberg Strategist Predicts Bitcoin Crash to $10,000
07.04.2025 15:30 1 min. read -
3
American Woman Loses Millions in Sophisticated Crypto Scam
04.04.2025 18:00 2 min. read -
4
Australia Cracks Down on Almost 100 Crypto Companies Linked to Fraudulent Scams
09.04.2025 20:00 2 min. read -
5
$20 Million AI Scam Uncovered in Spain: Criminal Network Exposed
09.04.2025 14:00 2 min. read
Hackers Target UK Official’s Account in Crypto Scam Disguised as Government Project
A recent cyberattack targeting a UK government official’s social media account has highlighted ongoing concerns over digital impersonation and crypto scams.
NFT Trader Faces Prison for Hiding Millions in CryptoPunk Profits from IRS
A former NFT trader is facing potential prison time after admitting to hiding millions in profits from the IRS through undeclared sales of high-value digital assets.
Crypto Wallets Targeted by Sophisticated Malware Campaign
Cybersecurity researchers are sounding the alarm after discovering a new and increasingly sophisticated attack targeting the crypto community.
Australia Cracks Down on Almost 100 Crypto Companies Linked to Fraudulent Scams
Australia’s efforts to combat crypto-related fraud have intensified, with the country’s Securities and Investments Commission (ASIC) targeting 95 companies allegedly involved in deceptive schemes like pig butchering scams.
-
1
US Treasury Sanctions Iran-Backed Rebel Network Over Crypto Transactions and Arms Supply
05.04.2025 15:00 2 min. read -
2
Bloomberg Strategist Predicts Bitcoin Crash to $10,000
07.04.2025 15:30 1 min. read -
3
American Woman Loses Millions in Sophisticated Crypto Scam
04.04.2025 18:00 2 min. read -
4
Australia Cracks Down on Almost 100 Crypto Companies Linked to Fraudulent Scams
09.04.2025 20:00 2 min. read -
5
$20 Million AI Scam Uncovered in Spain: Criminal Network Exposed
09.04.2025 14:00 2 min. read
