Abracadabra ($SPELL)

Hacked

DeFi · $SPELL · born 2021 · ✝ 2025

The magic ran out for the MIM money market again.

Abracadabra is a lending protocol behind the MIM stablecoin and SPELL token that was exploited again in 2025, this time on Arbitrum. An attacker abused the protocol's cauldron lending logic to drain funds.

Peak: ~$13M stolen
Cause: Hacked
Year of death: 2025

☠️ Cause of death

A flaw in the protocol's lending logic let the attacker borrow or withdraw value beyond what their collateral allowed, draining the affected cauldrons.

📓 Lessons left behind

—Repeat victims must rethink architecture, not just patch.
—Stablecoin lending logic needs continuous re-auditing.
—Add invariant checks that block under-collateralized exits.

🌱 The idea that survived

Continuous protocol auditing

Underscored that complex lending protocols need ongoing audits and invariant monitoring, not one-time reviews.

#defi#lending#stablecoin#logic-bug