DeFi Protocol GMX Loses $13M as Hackers Exploit On-Chain Contracts

GMX, a decentralized perpetual exchange, has experienced a security breach that resulted in the loss of approximately 6,260 ETH (worth about $13 million). Shortly after the attack, the project’s development team addressed the issue and explained that the exploit affected only the Abracadabra/Spell’s cauldrons contracts. The announcement added that investigations are underway to identify the cause of the breach.

GMX is a decentralized exchange that facilitates spot and perpetual trading on Arbitrum and Avalanche blockchains. Earlier this month, the protocol added Solana to its list of supported networks.

The platform allows traders to execute trades with up to 100x leverage. Its most prominent features include reduced swap fees, a multi-asset liquidity pool, and minimal price impact trades. The decentralized finance (DeFi) protocol features several ecosystem tokens, such as GMX, GLV, GM, and GLP.

$13M Security Breach

Abracadabra operates a decentralized crypto lending protocol accessible across Ethereum, Arbitrum, Avalanche, and Fantom. Its cauldrons, the affected contracts, are smart contracts that facilitate borrowing and leveraging positions. These contracts depend on GMX’s V2 liquidity pools to augment its services.

With these contracts attacked, Abracadabra has “turned off all borrows to all cauldrons.” It is also collaborating with its auditing partner, Guardian Audits, alongside GMX and Chainalysis to rectify the issue. Abracadabra has offered 20% of the stolen funds as a bug bounty if the hacker returns the assets.

Notably, Abracadabra’s native tokens, SPELL and MIM, did not experience any significant price drop. On the other hand,  GMX saw a mild price drop to $14.16 at press time, representing around a 5% decrease. This price change came despite the GMX team’s disclosure that its contracts are unaffected.

More Crypto Exploits

This is not Abracadabra’s first security breach. In January, the protocol’s stablecoin, MIM, was exploited, draining about $6.5 million.

Security attacks plague the DeFi sector due to its dependence on smart contracts for functionality. Earlier this month, hackers exploited Four.Meme’s token launch feature to execute a $130,000 theft. Another project, AIXBT, parted ways on the same day with $100,000.

The post DeFi Protocol GMX Loses $13M as Hackers Exploit On-Chain Contracts appeared first on Cointab.