On Tuesday morning, Abracadabra Finance, a cryptocurrency platform, was targeted in a cyberattack resulting in the theft of $13 million worth of cryptocurrency. The company confirmed the incident on social media but did not immediately confirm the stolen amount. The attack was linked to Abracadabra’s “cauldrons,” isolated lending markets that allowed users to borrow against various cryptocurrencies. The company assured users that core contributors and security engineers were investigating the breach.
Abracadabra Finance worked with Guardian, a security company, and other experts to examine the incident and track the stolen funds. They confirmed that 6,260 Ethereum coins, valued at approximately $12.9 million, were stolen. The blockchain security firm Chainalysis was enlisted to trace the stolen assets.
Despite having several security measures in place, the exploit was only detected after the hacker had completed multiple transactions.
The attack on Abracadabra did not affect the collateral held by the company, and no other systems were compromised. However, the decentralized exchange GMX, which provided liquidity tokens to Abracadabra’s cauldrons, distanced itself from the incident. GMX emphasized that its contracts were secure and unaffected by the attack, which was isolated to the gmCauldrons within Abracadabra.
The company issued a clarification, stating that no breach had occurred on their platform.
To address the situation, Abracadabra offered the hacker a 20% bug bounty if they returned the stolen funds. The company worked with security firms like Zeroshadow to prevent further exploitation and traced the stolen funds to three specific wallets. Despite the complexity of the breach, Abracadabra’s ongoing collaboration with experts helped monitor and track the stolen cryptocurrency. The company promised to provide a full report once the investigation was completed.
Reference:
