Crypto hocus-pocus ziet $6.5 miljoen 'poef' gaan van Abracadabra dankzij een Cauldron-probleem waardoor een gebruiker Magic Internet Money kon exploiteren (ik zweer het)

Get the popcorn in, because I swear it’s true. A cross-chain lending platform called Abracadabra Money has confirmed that an exploit allowed one user to drain at least $6.49 million in Ethereum-based stablecoins from its protocol (first spotted by Web3 gaat geweldig). Fair warning that this story involves a bunch of crypto jargon which I’ll try to explain as we go along, but always remember: these words are meant to obfuscate, confuse, and give the veneer of reality to the mathematically abstract.

Let’s start with the Ethereum Cauldrons. These allow users to borrow the Magic Internet Money (MIM) stablecoin, yes really, a stablecoin being a crypto-token that is in theory pegged to the value of (and backed by) a recognised currency: in this case the US dollar. Users can borrow MIM this way by offering various other assets as collateral. What could go wrong?

Voer een duistere tovenaar in, een onbekende gebruiker die zijn aanval begon met 1 ETH (ongeveer $ 2,300), en volgens een rapport van blockchain-beveiligingsbedrijf Certik took advantage of a “rounding issue.” What they seem to have done is spam loans using a piece of confusion software called TornadoCash: borrowing and repaying repeatedly in a manner that had them not-so-slowly accruing profit, and then successfully transferring those funds to another crypto-wallet.

The attack was first noticed by the blockchain security firm PeckShield, at which point the loss was estimated at $6.49 million. Subsequent estimates have put the amount as high as $10 million, though bear in mind we’re talking about crypto assets here, and sparked a duik in de waarde van, ja, de Magic Internet Money stablecoin.

Het MIM-ontwikkelteam erkende de exploit en zegt dat het inmiddels is opgelost, while the MIM stablecoin has, after going down to around 77 cents in value at its lowest, returned to the high 90 cents range. But remember: the whole point of these so-called stablecoins is that they stay 1:1 with their pegged currency. So we’re not at the final act yet.

The team further claim that victims will be compensated via a buy-back and burn process (liquidating some currency to boost the overall pot’s value). Abracadabra is a decentralised finance platform, in crypto terms a DeFi, and the whole point of these is that they’re supposed to be secure, robust, impregnable. And yet here we are: One attacker has made off with several million of crypto assets, with MIM and Abracadabra developers only able to say it’s been contained.

Magisch internetgeld zegt nu that “following the recent exploit, we’ve taken swift action to secure the protocol. The DAO treasury is set to fully collateralize the $6.5M affected, ensuring safe operations. We’re moving forward with confidence.”

To which, I guess, one can only add: “tah-dah!” This isn’t even Magic Internet Money’s first dodgy moment, with it having to be de-pegged during the Terra-crash van 2022, and you do wonder who keeps giving something like this the benefit of the doubt. People really do put money into these things and, you know, so often the crypto moral lesson turns out the same. I wouldn’t say it’s magic but: Now you see it, and now you don’t.

• Door SEO aangedreven content en PR-distributie. Word vandaag nog versterkt.
• PlatoData.Network Verticale generatieve AI. Versterk jezelf. Toegang hier.
• PlatoAiStream. Web3-intelligentie. Kennis versterkt. Toegang hier.
• PlatoESG. carbon, CleanTech, Energie, Milieu, Zonne, Afvalbeheer. Toegang hier.
• Plato Gezondheid. Intelligentie op het gebied van biotech en klinische proeven. Toegang hier.
• Bron: https://www.pcgamer.com/crypto-hocus-pocus-sees-dollar65-million-go-poof-from-abracadabra-thanks-to-a-cauldron-problem-that-let-a-user-exploit-magic-internet-money-i-swear