8 hours ago
13
Abracadabra mislaid $13 cardinal successful ETH aft a hack targeting GMX-linked pools, but GMX denies its astute contracts were progressive successful the vulnerability.
About $13 cardinal worthy of cryptocurrency has been drained from decentralized lending protocol Abracadabra.Finance pursuing an exploit targeting pools utilizing GMX tokens.
In a March 25 X post, crypto cybersecurity steadfast PeckShield reported that contracts related to GMX and Abracadabra.Money had been compromised, resulting successful the nonaccomplishment of astir 6,260 Ether (ETH), worthy astir $13 million.
The quality follows Abracadabra.Money losing $6.49 million aft its astute contracts were compromised successful precocious January 2024. At the time, this besides led to the protocol’s Magic Internet Money (MIM) stablecoin losing its peg to the US dollar.
Related: Pump.fun’s caller DEX reaches $1B measurement a week aft launch
GMX denies declaration vulnerability
Despite archetypal reports, a pseudonymous GMX communications contributor claimed connected X that “GMX contracts are not affected.” According to the user, GMX is progressive due to the fact that MIM’s pools are based connected GMX v2 pools.
GMX Market (GM) tokens are a halfway portion of the GMX platform, earning fees from swaps and leveraged trading. MIM’s pools, known arsenic cauldrons, are the protocol’s halfway merchandise and supply isolated lending exposure.
In an authoritative X post, GMX stated that the hack progressive MIM’s pools that utilized GM tokens. The station further claimed that “no issues person been identified with GMX contracts,” adding:
“We judge the contented relates solely to the Abracadabra/Spell cauldrons. These cauldrons let for borrowing against circumstantial GM liquidity tokens.”GMX.io and Abracadabra.Money had not responded to Cointelegraph’s enquiry by the clip of publication.
Related: DeFi lender Nostra pauses borrowing aft terms provender error
Hackers usage Tornado Cash, span to Ethereum
Fund Tracking by AMLBot
Crypto forensics steadfast AMLBot provided Cointelegraph with a partial reconstruction of however the hack was performed. The hacker’s code was archetypal funded done the Tornado Cash decentralized cryptocurrency mixer, and past those funds were utilized to wage the transaction fees of the malicious transactions. The stolen ETH was aboriginal moved from the Arbitrum web to Ethereum via a blockchain bridge:
“The stolen funds, totaling 6,260 ETH, person been transferred from Arbitrum to Ethereum via a bridge.”Magazine: What are autochthonal rollups? Full usher to Ethereum’s latest innovation
English (US) ·