Ethereum
Abracadabra’s $6.49M loss leads to MIM stablecoin destabilization
Some Abracadabra Finance contracts were drained of $6.49 million, causing its Magic Internet Money stablecoin to depeg.
Source: Cointelegraph
Abracadabra Money, a cross-chain lending platform, has confirmed a $6.49-million exploit involving the protocol’s Ethereum cauldrons that allow users to borrow the Magic Internet Money (MIM) stablecoin using different assets as collateral.
The MIM development team acknowledged the exploit and stated that they are investigating. They said that the protocol’s governing body plans to compensate victims through a buy-back and burn process.
We are aware of an exploit involving certain cauldrons on Ethereum.
— 🧙🏼♂️ (@MIM_Spell) January 30, 2024
Our engineering team is triaging and investigating the situation.
To the best of its Ability, the DAO treasury will be buying back MIM from the market to then burn.
More updates are coming.
The $6.49-million exploit was flagged on Tuesday by blockchain security firm PeckShield. The unknown exploiter initially funded the attack with 1 Ether ETH $2,292 via cryptocurrency mixer Tornado Cash, according to the security firm.
Less than an hour after the exploit was announced, MIM, which is an algorithmic United States dollar-pegged stablecoin, lost its dollar peg, falling to $0.77, before recovering to the current $0.94 mark, according to CoinMarketCap data.
Price chart of MIM. Source: CoinMarketCap
A report from blockchain security firm CertiK said the exploit may have been caused by a “rounding issue.” The attacker repeatedly called the “userBorrowPart()” function, followed by “repay()” from the protocol’s v4 cauldrons, implying that the attacker borrowed and repaid loans over and over again, somehow allowing them to drain funds from the contract.
Magic Internet Money was also depegged in 2022 due to the fallout of the Terra ecosystem collapse. In August, the protocol raised its interest rate on the coin by 200% in an effort to manage risk from the Curve protocol.