Decentralized finance (DeFi) lending protocol Abracadabra has once again fallen victim to a sophisticated exploit, losing approximately $1.8 million in MIM tokens. This latest attack targeted the platform’s “cook” function, allowing the attacker to borrow a significant amount of tokens and swap them for other assets.
This breach marks the third major hack linked to Abracadabra this year, raising concerns about the platform’s contract security. In response to the attack, the protocol repurchased 6.5 million MIM tokens in May, covering about half of the $13 million lost in a previous exploit in March. The team confirmed that user funds were unaffected and used part of its $19 million treasury to stabilize the token supply.
The attacker exploited a flaw in the “cook” function across six different wallet addresses, borrowing 1,793,755 MIM tokens and profiting approximately $1.7 to $1.8 million. Security analysts confirmed that the exploit was due to a logical error in the code, rather than a reentrancy bug or flash loan vulnerability.
Abracadabra’s development team has identified and mitigated the exploit, assuring users that no other funds or users are at risk. To prevent future attacks, security experts recommend implementing isolated state checks for each action and adding mandatory solvency validations after borrowing operations.
The attack on Abracadabra is part of a broader trend of DeFi hacks surging in 2025, with exploits exposing hidden smart contract risks. Earlier this year, Abracadabra suffered a $13 million breach in March and a $6.49 million hack in January, both involving complex logic flaws in its smart contract architecture.
Overall, the DeFi sector has experienced a significant increase in hacks and thefts in 2025, with over $2.17 billion stolen between January and June. Despite a slight decrease in losses in September, exploit activity remains high, underscoring the need for robust security measures in DeFi protocols to protect user funds. SwissBorg, a prominent cryptocurrency platform, recently fell victim to a devastating hack, resulting in a staggering loss of $41.5 million. The hack, which targeted the platform’s API, is just one in a series of security breaches that have plagued the crypto industry in 2025. The incident comes on the heels of other high-profile hacks, such as the Nemo and Aqua exploits, further underscoring the urgent need for stronger security measures within the industry.
The $41.5 million stolen from SwissBorg is part of a larger trend of increasing losses within the crypto space. In fact, mid-year losses in 2025 have already exceeded the total amount stolen in 2024, reaching a staggering $2.2 billion. Analysts are sounding the alarm, warning that unless significant improvements are made to security protocols, this year could go down in history as one of the worst for crypto breaches.
In a separate but related incident, the DeFi platform Abracadabra was hit with its third major hack of the year, resulting in the loss of an additional $1.8 million. The hack has raised concerns about the security of DeFi platforms and the vulnerabilities that exist within the ecosystem.
These recent hacks serve as a stark reminder of the risks inherent in the crypto industry and the importance of implementing robust security measures. As the popularity of cryptocurrencies continues to grow, it is crucial that companies prioritize the protection of their users’ funds and data. Only by addressing these security challenges head-on can the industry hope to build trust and credibility with investors and users alike.
The aftermath of these hacks serves as a wake-up call for the crypto industry, highlighting the need for improved security practices and regulations. As we move forward, it is essential that companies take proactive steps to safeguard their platforms and protect against potential threats. By prioritizing security and staying vigilant against emerging risks, the crypto industry can work towards a safer and more secure future.