Abracadabra.Finance, a crypto lending platform, simply received hacked, and the hacker stole $13 million value of Ethereum (ETH)
Safety consultants Cyvers and PeckShield noticed the assault, confirming that the hacker moved 6,262 ETH to the Ethereum community, spreading the cash throughout three totally different wallets.
Abracadabra has additionally confirmed the assault, however didn’t say how a lot was stolen at first. The hacker focused “cauldrons,” that are lending swimming pools the place customers borrow towards crypto property. These good contracts had already been audited by Guardian Audits, which additionally reviewed GMX’s techniques. Regardless of further safety from Hexagate and ZeroShadow, the assault went unnoticed till a number of transactions had already been accomplished.
After ZeroShadow flagged the difficulty, Abracadabra shut down borrowing on all affected contracts. The corporate is now working with safety companies, together with Guardian Audits and GMX, to determine precisely how the breach occurred. “The total injury of the assault is at the moment being assessed. We’re working along with Guardian Audits, GMX, and different safety friends to determine the execution of the hack,” the corporate mentioned.
As an alternative of chasing the hacker legally, Abracadabra supplied them a deal to return the funds and preserve 20% as a bounty. “To the hacker, we’re completely satisfied to entertain negotiations for a bug bounty of 20% of the overall,” the workforce announced.
Some individuals nervous that GMX, a decentralized trade, was additionally affected, however GMX rapidly shut down these rumors. “We imagine the difficulty relates solely to the Abracadabra/Spell cauldrons,” GMX mentioned in a press release. Despite the fact that GMX wasn’t hacked, its token worth nonetheless dropped by about 5%, going from $14.74 to $13.74 earlier than barely recovering.
Blockchain investigators from Chainalysis have been monitoring the stolen ETH. They discovered that the hacker bridged the funds from Arbitrum to Ethereum after which saved them in no less than three totally different wallets. Proper now, safety groups are nonetheless attempting to hint the transactions and probably get well the cash.
Abracadabra has reassured customers that no collateral was misplaced, which means debtors and lenders didn’t instantly lose their funds. Nonetheless, the corporate continues to be assessing the complete affect of the assault. An in depth autopsy report will probably be launched as soon as the investigation wraps up.
In the meantime, this isn’t Abracadabra’s first safety subject. In 2024, the platform was hacked for $6.49 million, which brought about its Magic Web Cash (MIM) stablecoin to lose its peg to the U.S. greenback.
Additionally Learn: Hackers promote XRP by hacking Socials of Media House
