Announcing the incident on its official X (formerly Twitter) handle, the DeFi protocol stated that it is aware of an exploit on its platform that involved ‘certain cauldrons on Ethereum.’ Its engineering team is investigating the situation, they noted.
We are aware of an exploit involving certain cauldrons on Ethereum.
Our engineering team is triaging and investigating the situation.
To the best of its Ability, the DAO treasury will be buying back MIM from the market to then burn.
More updates are coming.
— 🧙🏼♂️ (@MIM_Spell) January 30, 2024
The Financial Impact on Abracadabra Money
In an effort to mitigate the impact of the crypto theft, the Abracadabra decentralized autonomous organization (DAO) treasury will be buying back its Magic Internet Money (MIM) tokens from the market for burning.
While the platform has been forthcoming about the platform hack, it did not disclose how much in funds were stolen by the malicious actor.
Providing further details on the hack, Cyvers Alerts revealed on social media that the perpetrator managed to abscond with $6.5 million in crypto assets. This resulted in over 2,740 Ether tokens being illicitly withdrawn from the Abracadabra Money platform’s wallet address.
Around $4 million out of the pilfered loot was then transferred to a new Ethereum-based wallet address.
🚨ALERT🚨Our AI powered system has detected multiple suspicious transactions with @MIM_Spell (Ongoing)
Based on our first investigation, attacker was able to gain around $6.5M.
Attacker was funded by @TornadoCash. Around $4M already transferred to a new EOA at… pic.twitter.com/41tJtKh97Q
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) January 30, 2024
According to blockchain security and analytics firm Peckshield, the hacker executed the cyberattack using an initial 1 Ether funded through the US-sanctioned crypto mixing protocol Tornado Cash.
Crypto Thefts Dipped 54% in 2023
Abracadabra Money is a non-custodial stablecoin DeFi lending protocol that enables users to deposit various crypto assets as collateral and receive its MIM token in return.
Subsequently, users can trade or lock up these DeFi tokens on other decentralized application (dApp) platforms to generate passive income.
The recent hack on the platform is not an isolated event but rather part of a trend in the crypto industry, particularly within the DeFi sub-sector.
Since its launch in August 2020, smart contract-backed financial systems have consistently been targeted by various cyber threat groups.
In 2021 alone, DeFi projects incurred losses exceeding $3.2 billion, primarily within the blockchain-based financial system.
While the total losses in 2022 decreased to $3.1 billion, the trend has continued to decline in the past year. According to a Chainalysis annual report, total crypto losses in 2023 amounted to $1.7 billion, indicating a considerable 54.3% drop from the previous year.
Funds stolen from crypto platforms in 2023 fell 54.3% to $1.7 billion. This is mostly due to a drop in DeFi hacking, which drove the increase in stolen crypto that we saw in 2021 and 2022. However, there still were several large DeFi hacks in 2023. pic.twitter.com/s8Ix982HR2
— Chainalysis (@chainalysis) January 24, 2024
Despite the drop in fiat value stolen, the report highlighted a slight increase in the number of cyber threats compared to 2022. In 2022, there were 219 cyber threats, which rose to 231 in 2023, according to the blockchain security firm.
The report also delves into the role of bad actors, with the North Korea-backed Lazarus Group notably standing out. Chainalysis revealed that this cyber threat group accounted for $1 billion out of the $1.7 billion total losses and launched a record number of 20 attacks.
Value lost in DeFi hacks declined by 63.7% YoY. @mgimenezaguilar at @HalbornSecurity shared potential reasons behind this decline, citing DeFi security improvements, but also the overall drop in DeFi TVL, which may have reduced funds available to steal.
— Chainalysis (@chainalysis) January 24, 2024
Giving reasons behind a lower loss ratio, Chainalysis stated that better security measures and lower amounts of digital assets in the DeFi space played important roles.