One of the infiltrators took advantage of the smart contract for the Abbabra Protocol for Demonie Financing (Defi) to withdraw approximately 6,262 ETH of approximately $ 13 million from its liquidity pools.
Security breach, which appears to have included a flash loan attack, was reported by Peckshield Peckshield.
The lending mechanism in Abracadabra, known as “the boiler”, is based on the GMX liquidity for borrowing and lending on the chain. The attacker is allegedly dealing with the process of liquidating the Abracadapra boiler in the integration of GMX V2 gatherings, allowing them to withdraw money from the protocol.
Weilin (William) has provided an early analysis of the attack on X (formerly on Twitter), explaining that the attacker is like a flash loan. Flash loans is a DEFI mechanism that allows users to receive guarantees free offered, provided that they pay them in the same mass of transactions.
According to LI, the infiltrator used a seven -step process to borrow money from Abracadabra Stablecoin, Magic Internet Money (MIM), and convert this debt into cash. The attacker’s profits came from the liquidation incentives that allowed them to move away with the stolen money.
GMX V2 uses a two -stage trading process where requests are created and carried out by the “gate guards” to reduce the front. However, this short implementation window may have provided an opportunity for the attacker to intervene. Despite this attack, the GMX developer confirmed that the basic GMX contracts have not been hacked.
After the attack, the stolen money from the expression to the ethereum was blocked.
This is not the first time that Abrakadabra has been targeted. In January 2024, Mim Stablecoin’s manipulation led to losses of about $ 6.5 million and raised concerns about the weaknesses in the protocol.
*This is not an investment advice.