Abracadabra becomes a victim of its third significant DeFi hack post-2024 as attackers steal $1.8 million using a cook function vulnerability. The Magic Internet Money (MIM) stablecoin, which is based on the DeFi lending protocol Abracadabra, was recently hacked to the tune of approximately $1.8 million. This is the third huge breach of the platform […] The post Crypto Scam: Abracadabra Hacked Again: $1.8M Lost in Latest DeFi Breach appeared first on Live Bitcoin News.Abracadabra becomes a victim of its third significant DeFi hack post-2024 as attackers steal $1.8 million using a cook function vulnerability. The Magic Internet Money (MIM) stablecoin, which is based on the DeFi lending protocol Abracadabra, was recently hacked to the tune of approximately $1.8 million. This is the third huge breach of the platform […] The post Crypto Scam: Abracadabra Hacked Again: $1.8M Lost in Latest DeFi Breach appeared first on Live Bitcoin News.

Crypto Scam: Abracadabra Hacked Again: $1.8M Lost in Latest DeFi Breach

By: LiveBitcoinNews

2025/10/07 19:15

Abracadabra becomes a victim of its third significant DeFi hack post-2024 as attackers steal $1.8 million using a cook function vulnerability.

The Magic Internet Money (MIM) stablecoin, which is based on the DeFi lending protocol Abracadabra, was recently hacked to the tune of approximately $1.8 million. This is the third huge breach of the platform since 2024.

The attacker took advantage of a logical defect of the Abracadabra cook feature, which executes several operations within a single transaction.

This loophole evaded insolvency checks that were to ensure the avoidance of excessive borrowing. The attacker exploited this vulnerability by making six calls to the cook function using six addresses, which drained 1.79 million MIM tokens from the protocol.

Fraudulent Cook Feature Malfunctions Massive Loss.

The fundamental weakness is the manner in which the cook operation performs several preset actions that all have the same status.

Action 5 of the process of the function provokes a solvency check flag when it occurs. However, the next operation 0 clears this flag as it has an empty internal update function, which means it goes straight to the last insolvency check.

This overborrowing gave freedom to the attacker. The stolen tokens of MIM were hastily turned and laundered using Tornado Cash to erase any traces, and some of the proceeds were turned into ETH.

Third Big Adventure Lifts DeFi Ringing Bells.

The recent hack of Abracadabra is not the only one. The protocol has suffered two attacks before, one in January 2024, causing a loss of $6.5 million, and another in March 2025, resulting in a loss of about $13 million. Both of these incidents relate to sophisticated smart contract vulnerabilities exploited by attackers to empty wallets.

The decentralized autonomous organization (DAO) of Abracadabra responded promptly after the recent breach.

To stabilize the platform, they fixed the exposed contracts and bought off the market the stolen MIM.

Source –X

On X, the DAO representative 0xMerlin told users that the attack did not directly affect their own funds and that they are strengthening their internal security.

This is the third violation that raises questions about the security of smart contracts in DeFi.

Analysts also highlight that regulators should strictly apply solvency checks and independently verify transaction statuses to prevent this type of mischief in multi-action transactions.

The post Crypto Scam: Abracadabra Hacked Again: $1.8M Lost in Latest DeFi Breach appeared first on Live Bitcoin News.

Disclaimer: The articles reposted on this site are sourced from public platforms and are provided for informational purposes only. They do not necessarily reflect the views of MEXC. All rights remain with the original authors. If you believe any content infringes on third-party rights, please contact [email protected] for removal. MEXC makes no guarantees regarding the accuracy, completeness, or timeliness of the content and is not responsible for any actions taken based on the information provided. The content does not constitute financial, legal, or other professional advice, nor should it be considered a recommendation or endorsement by MEXC.

Share Insights