Decentralized lending protocols on the Magic Internet Money (MIM) platform have been hacked for 6,260 ETH. The exploit affected only specific liquidity hubs and did not impact the GMX protocol or GM tokens.
Impact of the MIM Hack
Contracts related to GMX and MIM Spell lending vaults were breached, resulting in the theft of 6,260 ETH. The funds were locked in liquidity vaults. The GMX protocol and its associated assets remained unaffected. The current price of MIM continues to hold steady around $0.99, which is expected for a stablecoin.
The Course of the Hack
The hack exploited vulnerabilities in the Abracadabra/Spell cauldrons, which allow borrowing against GM token collateral. The funds were moved through the Arbitrum network and then bridged via Stargate to the Ethereum mainnet for further laundering by swapping them into other assets.
Preventing Future Attacks
The GMX and MIM teams, along with security researchers, are investigating smart contract vulnerabilities that allowed the transfer of funds in a single transaction. Though the attacker remains unidentified, the funds' movement suggests links to previously known methods. Efforts are ongoing to enhance the security of lending protocols to mitigate the risk of future exploits.
The hack on Magic Internet Money's decentralized lending protocols highlights the need for more rigorous smart contract security audits. Teams are working to strengthen protection and reduce the likelihood of future breaches.
