Abracadabra to Repay Over 50% of Stolen Funds Within 36 Hours

Decentralized lending platform Abracadabra Money suffered a major security breach, resulting in the loss of approximately $13 million worth of its Magic Internet Money (MIM) stablecoin.

The exploit, which targeted the gmCauldrons suite of products, was detected by blockchain security firm PeckShield on March 25.

The attack allowed malicious actors to drain 6,260 ETH by exploiting vulnerabilities within Abracadabra’s smart contract infrastructure.

This event marks the second significant breach for the platform this year, following a $6.49 million exploit in January that temporarily debugged MIM.

In the wake of the attack, Abracadabra took swift action to mitigate the impact. The project’s DAO treasury, which holds around $19 million in assets, repurchased 6.5 million MIM to cover 50% of the loss.

The project is now focusing on post-mortem analysis, improved security measures, and long-term remediation plans to rebuild trust within its community.

Security Oversight and Treasury Remediation Plan

Despite multiple layers of security, including audits by Guardian Audits and real-time monitoring by firms like Hexagate and ZeroShadow, the attacker managed to bypass defenses.

According to the report released, while ZeroShadow quickly traced the attack, Hexagate failed to trigger an alert during the exploit.

The report highlighted unforeseen vulnerabilities in gmCauldrons, a critical component of the Abracadabra ecosystem that allows users to collateralize GMX-based tokens to borrow MIM.

To address the situation, Abracadabra has initiated a phased remediation strategy.

The DAO treasury’s holdings, currently valued at $19 million, include a $4 million Depeg Contingency Fund that can be deployed following a governance proposal.

In the immediate aftermath, the treasury allocated funds to buy back and burn 6.5 million MIM, effectively neutralizing half of the exploited debt. By mid-2025, the remaining losses will be systematically covered through treasury funds.

Abracadabra emphasized that the MIM peg remained stable throughout the crisis, with only minor deviations from its $1 value.

Moving forward, the project aims to strengthen its treasury by diversifying holdings and implementing stricter risk controls to ensure resilience against future attacks.

Expanding Ecosystem and Future Developments

While addressing the immediate crisis, Abracadabra is also looking toward future expansion. The DAO has outlined four key initiatives to strengthen its platform.

First is the Berachain Expansion, which is a new set of cauldrons set to launch on Berachain. These cauldrons will allow users to collateralize various liquidity pool (LP) tokens to mint MIM.

These include WBERA-WETH, WBERA-WBTC, and MIM-USDT0 vaults. Additionally, Omnichain SPELL, built on the OFT v2 standard, will soon be deployed to improve liquidity across multiple networks.

Second is the Nibiru Integration. This particular one follows the approval of AIP 62, with MIMswap now preparing to launch on Nibiru, providing a stable swap solution for the ecosystem.

Further governance proposals will determine the deployment of additional MIM cauldrons.

The third is the Purrswap Incubation, which is the first AbracadabraDAO incubation project.

Purrswap will introduce a stable swap on HyperEVM. The integration will feature a SPELL holder airdrop, reinforcing DAO participation and liquidity provision.

Lastly, in response to the attack, Abracadabra is collaborating with Chainalysis to track stolen funds and working closely with centralized exchanges to prevent further illicit transactions.

The project has also extended an offer to the hacker for negotiations in exchange for a bug bounty.

As it stands now, Abracadabra is actively engaging with on-chain security experts to track stolen funds and prevent laundering through centralized exchanges.

The DAO has made it clear that it is willing to negotiate a return of stolen funds in exchange for a bounty reward.

The team has encouraged anyone with information to contact them via on-chain messages or email.

The post Abracadabra to Repay Over 50% of Stolen Funds Within 36 Hours appeared first on Cryptonews.

News – Read More