The DeFi lending protocol Abracadabra Money, which is built on the Ethereum blockchain, experienced a platform breach on January 30.
In an official statement posted on its X (formerly Twitter) account, the DeFi protocol confirmed that it had detected an exploit within its platform, specifically involving ‘certain cauldrons on Ethereum.’ The protocol’s engineering team is currently conducting a thorough investigation into the incident.
The Financial Impact on Abracadabra Money
In an effort to minimize the impact of the cryptocurrency theft, the Abracadabra decentralized autonomous organization (DAO) treasury has decided to repurchase its Magic Internet Money (MIM) tokens from the market for the purpose of burning them.
While the platform has been transparent about the recent hack, it has not disclosed the exact amount of funds that were taken by the malicious actor.
To provide more insight into the breach, Cyvers Alerts revealed via social media that the perpetrator managed to make off with approximately $6.5 million in cryptocurrency assets. This resulted in the illicit withdrawal of over 2,740 Ether tokens from the wallet address of the Abracadabra Money platform.
Subsequently, about $4 million of the stolen assets were transferred to a new Ethereum-based wallet address.
According to blockchain security and analytics firm Peckshield, the hacker initiated the cyberattack by utilizing an initial 1 Ether, funded through the US-sanctioned crypto mixing protocol known as Tornado Cash.
Crypto Thefts Dipped 54% in 2023
Abracadabra Money is a non-custodial stablecoin DeFi lending protocol that allows users to deposit a variety of crypto assets as collateral and, in return, receive its MIM token.
Subsequently, users can either trade or lock up these DeFi tokens on other decentralized application (dApp) platforms to generate passive income.
The recent security breach on the platform is not an isolated incident but rather part of a broader trend within the cryptocurrency industry, especially in the DeFi sub-sector.
Since its launch in August 2020, smart contract-based financial systems have consistently been targeted by various cyber threat groups.
In the year 2021 alone, DeFi projects experienced losses surpassing $3.2 billion, primarily within the blockchain-based financial ecosystem.
In contrast to previous years, the total losses in the cryptocurrency space in 2022 decreased slightly to $3.1 billion, and this downward trend continued into the following year. According to the annual report from Chainalysis, crypto losses in 2023 amounted to $1.7 billion, marking a significant 54.3% decrease from the previous year.
Interestingly, despite the reduced fiat value stolen, the report noted a slight increase in the number of cyber threats compared to 2022. In 2022, there were 219 reported cyber threats, which rose to 231 in 2023, as indicated by the blockchain security firm’s findings.
The report also delved into the activities of malicious actors, with a notable mention of the North Korea-backed Lazarus Group. Chainalysis revealed that this cyber threat group was responsible for a significant portion of the total losses, accounting for $1 billion out of the $1.7 billion in losses and launching a record number of 20 attacks.
Chainalysis attributed the lower overall loss ratio in 2023 to improved security measures and a reduced amount of digital assets within the DeFi space, both of which played vital roles in safeguarding against cyber threats.