DeFi protocol Abracadabra Finance finds itself amid a major security breach, leaving millions of dollars at stake. According to security analysts, this vulnerable protocol has been exploited to siphon off $6.5 million, as of the latest reports.
Hi @MIM_Spell, you may want to take a look (w/ $6.49M Loss) pic.twitter.com/uHs0JweuoM
— PeckShield Inc. (@peckshield) January 30, 2024
Security firms PecShield and BlockSec have sounded the alarm, describing the incident as a malicious attack of significant proportions. BlockSec has revealed that initial investigations point towards a re-entrancy attack targeting the project's smart contracts, though further analysis is imperative.
"This is a reentrancy attack. However, some assets are still at risk and projects and users need to take immediate action," cautioned BlockSec, urging a swift response to mitigate further damage.
At present, an estimated $29 million remains trapped in the affected contracts, according to BlockSec. Despite ongoing efforts to contain the breach, reports from CyversAlerts and Peckshield suggest losses of $10 million and $6.5 million respectively.
Sanctioned Crypto-Mixing Service Implicated
Adding intrigue to the unfolding story, reports suggest the attacker received funds from Tornado Cash, an established crypto-mixing service. An Etherscan link shared by PeckShield points to the attack's focus on Abracadabra's 'Degenbox' feature, renowned for its automated performance-enhancing strategies.
The repercussions of the exploit reverberated as the protocol’s $MIM stablecoin plunged to as low as $0.77, amplifying market turmoil.
Abracadabra Finance Responds
In the wake of the breach, Abracadabra Finance has broken its silence, acknowledging the exploit's impact on select cauldrons within the Ethereum ecosystem. As per reports, the project's engineering team is on high alert, investigating the unfolding crisis to stop the loss of funds.
We are aware of an exploit involving certain cauldrons on Ethereum.
— 🧙🏼♂️ (@MIM_Spell) January 30, 2024
Our engineering team is triaging and investigating the situation.
To the best of its Ability, the DAO treasury will be buying back MIM from the market to then burn.
More updates are coming.
This project has announced plans to initiate a buyback of MIM from the market by its DAO treasury to mitigate losses and restore stability. By implementing this strategy, the protocol aims to alleviate the strain induced by the incident as well as address the fallout from MIM's depegging.
Known for its innovative DeFi lending solutions, Abracadabra Finance has been a major player in decentralized finance for many years. Its platform allows users to leverage various cryptocurrencies as collateral to access the stablecoin, Magic Internet Money.