About $ 13 million worth of cryptocurrency was drained from the decentralized lending protocol to Abracadabra.Money following an exploitation of pools targeting pools using GMX tokens.
In a post of March 25 x, the crypto cybersecurity firm Peckshield reported that contracts related to GMX and Abracadabra.Money are compromised, resulting in the loss of nearly 6,260 ether (Eth), worth about $ 13 million.
The news is following Abracadabra.Money Lost $ 6.49 million After its wise contracts were compromised in late January 2024. At this time, it also led to the Magic Internet Money (MIM) stablecoin of the protocol that lost its peg in the US dollar.
Related: The new dex of pump.fun reaches $ 1b volume a week after launch
GMX denies the weakness of the contract
Despite preliminary reports, a pseudonymous contributing GMX communication claimed In X that the “GMX contracts are not affected.” According to the user, GMX is involved because MIM pools are based on GMX V2 pools.
GMX Market (GM) tokens are a major part of the GMX platform, earning fees from swaps and leveraged trading. Mim’s pools, known as CauldronsThe main product of the protocol and provides isolated lending exposure.
Related: Defi Lender Nostra stopped borrowing after price feed error
In an official post of X, GMX Nakasa said That hack is involved in MIM’s pools using GM tokens. The post further stated that “no issues have been identified with GMX contracts,” adding:
“We believe the issue is only associated with the Cauldrons of Abracadabra/Spell. These pots allow borrowing against GM’s specific liquidity tokens.”
GMX and Abracadabra.Money did not respond to Cointelegraph’s inquiry at the time of publication.
Tornado hackers use, Ethereum bridge
Graphic tracking of the -hack funds. Source: Amlbot
Crypto forensics firm amlbot provided Cointelegraph with a slight rebuild of how the hack was performed. The hacker address was first funded by the Tornado Cash decentralized cryptocurrency mixer, and then those funds were used to pay for the transaction transactions fees. The stolen ETH was later transferred from the Arbitrum network to Ethereum by a Blockchain bridge:
“The stolen fund, which covers 6,260 ETHs, is moved from the arbitrum to Ethereum by a bridge.”
The AMLBOT Department of Investigations also confirmed the cointelegraph that only Abracadabra.Money contracts were damaged as part of the hack. GMX Smart contracts, on the other hand, are not exploited in malicious transactions, Amlbot added.
Magazine: What are native rollups? Full guide to Ethereum’s latest change
