Cyvers, a blockchain security firm, recently reported a major security breach that affected the DeFi platform Abracadabra’s MIM_Spell platform. This breach resulted in the loss of 6,262 ETH, totaling approximately $12.9 million.
The attacker swiftly transferred the stolen ETH to the Ethereum network and spread the funds across three newly created wallets, as per Cyvers’ findings.
MIM confirmed the breach on March 25, acknowledging the exploit in a statement without specifying the exact amount stolen. The attack targeted the platform’s gmCauldron smart contracts, which had previously passed audits conducted by Guardian Audits, the team responsible for reviewing GMX’s core infrastructure.
Despite having additional security layers in place, such as integrations with Hexagate and ZeroShadow’s threat-tracking system, the exploit went undetected until several transactions had already occurred. ZeroShadow eventually identified the irregular activity, prompting Abracadabra to halt all borrowing functions tied to the affected contracts.
While no user collateral was compromised, MIM’s internal teams are currently assessing the extent of the breach. In a statement, MIM expressed willingness to negotiate a bug bounty with the hacker for 20% of the total stolen amount.
Although initial concerns suggested that GMX’s platform may have been impacted, the DEX clarified that its smart contracts were unaffected. The exploit was isolated to Abracadabra’s cauldrons, specifically those supporting borrowing against GM liquidity tokens.
GMX assured users that the incident was being investigated by contributors from Spell, GMX, and security researchers to determine the root cause.
Despite GMX distancing itself from the breach, the platform’s native token experienced a slight decline in value. According to data from CryptoSlate, GMX saw a drop of nearly 5%, falling from $14.74 to $13.74 before recovering slightly to around $14.13 at the time of writing.
As cybersecurity continues to be a critical concern in the blockchain and DeFi space, incidents like this highlight the importance of ongoing vigilance and robust security measures to safeguard user funds and platform integrity.