Abracadabra.Money’s GMX pools hacked, $13M lost
About $13 million worth of cryptocurrency has been drained from decentralized lending protocol Abracadabra.Money following an exploit targeting pools using GMX tokens.
In a March 25 X post, crypto cybersecurity firm PeckShield reported that contracts related to GMX and Abracadabra.Money had been compromised, resulting in the loss of about 6,260 Ether ( ETH ), worth around $13 million.
The news follows Abracadabra.Money losing $6.49 million after its smart contracts were compromised in late January 2024. At the time, this also led to the protocol’s Magic Internet Money (MIM) stablecoin losing its peg to the US dollar.
Related: Pump.fun’s new DEX reaches $1B volume a week after launch
GMX denies contract vulnerability
Despite initial reports, a pseudonymous GMX communications contributor claimed on X that “GMX contracts are not affected.” According to the user, GMX is involved because MIM’s pools are based on GMX v2 pools.
GMX Market (GM) tokens are a core part of the GMX platform, earning fees from swaps and leveraged trading. MIM’s pools, known as cauldrons , are the protocol’s core product and provide isolated lending exposure.
Related: DeFi lender Nostra pauses borrowing after price feed error
In an official X post, GMX stated that the hack involved MIM’s pools that used GM tokens. The post further claimed that “no issues have been identified with GMX contracts,” adding:
“We believe the issue relates solely to the Abracadabra/Spell cauldrons. These cauldrons allow for borrowing against specific GM liquidity tokens.”
GMX and Abracadabra.Money had not responded to Cointelegraph’s inquiry by the time of publication.
Hackers use Tornado Cash, bridge to Ethereum
Graphic tracking the hacked funds. Source: AMLBot
Crypto forensics firm AMLBot provided Cointelegraph with a partial reconstruction of how the hack was performed. The hacker’s address was first funded through the Tornado Cash decentralized cryptocurrency mixer, and then those funds were used to pay the transaction fees of the malicious transactions. The stolen ETH was later moved from the Arbitrum network to Ethereum via a blockchain bridge:
“The stolen funds, totaling 6,260 ETH, have been transferred from Arbitrum to Ethereum via a bridge.”
AMLBot’s investigations department also confirmed to Cointelegraph that only Abracadabra.Money contracts were breached as part of the hack. The GMX smart contracts, on the other hand, were not exploited in the malicious transactions, AMLBot added.
Magazine: What are native rollups? Full guide to Ethereum’s latest innovation
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Aave generates over $1 billion in interest on the Ethereum network
Bitcoin Mining Difficulty Hits New All-Time High
Bitcoin mining difficulty reaches a record high, signaling stronger network security and rising confidence.Stronger Than Ever: What This Milestone MeansWhy It’s Bullish for BitcoinThe Bigger Picture
GMGN Earns $60M in SOL, Powers Solana Growth
GMGN earns $60M in SOL fees, stakes all to support Solana. Transaction speed hits 0.58 seconds.GMGN Stakes $60M to Boost SolanaSolana’s Speed Keeps ClimbingConfidence in the Ecosystem
Phaver Shuts Down as Token Crashes 99% Since TGE
Phaver shuts down after a 99% token crash. Costly listings and no token sales left the team without enough funds to continue.The Fall of Phaver: What Went Wrong?Massive Costs, No RevenueLessons for Web3 Startups
Trending news
MoreCrypto prices
More
