← back to feed·—2025-10-04 · 8mo ago

Incident · CHAINSEC

Abracadabra Spell

Exploit

Estimated loss

$1.70M

VERDICT —UNRATED

Verdict pending. Auto-ingested incidents are reviewed before a public verdict is rendered.

▰ METHOD

Undisclosed

Root cause

Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.

Forensic narrative

A separate exploit again abused Spell contract logic, leading to an additional drain after earlier hardening steps. Reported loss: $1,700,000.

Primary source

https://threesigma.xyz/blog/exploit/mimspell-abracadabra-hack-breakdown ↗

Sourced from

chainsec

Technical record

chain: —
protocol: Abracadabra Spell
bug_class: unknown
date_occurred: 2025-10-04
loss_usd: $1,700,000
source_id: cs:abracadabra-spell::2025-10-04

Related — same bug class

Bridge-Minter Fake-Mint Exploit (wADS)

Cross-Chain Router Exploit (multi-chain drain)

BSC token contract exploit (vector undisclosed)

ShapeShift FOX Colony (Colony Network)

executeMetaTransaction → resolver-repoint via setTarget → delegatecall drain

Contract Vulnerability

TAC Cross-Chain Layer (TON Side)

Contract Vulnerability

logic

$2.80M

UNRATED