In a late-Saturday night attack, an unknown hacker slipped through a digital backdoor in Abracadabra Money, making off with nearly $1.8 million.
The exploit, which leveraged a vulnerability in a deprecated contract, allowed the attacker to circumvent the protocol’s financial safeguards. Following a trail that began and ended with the crypto-mixer Tornado Cash, the thief cleanly extracted the funds.
While a DAO contributor quickly announced the flaw was “mitigated and closed” and that user funds were safe, the incident underscores a troubling trend for the protocol, which has now seen over $21 million vanish across three separate exploits in just over a year.
