Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
On February 4, 2025, the Ionic protocol suffered a social engineering attack, allowing the attacker to use a forged Lombard Bitcoin Token (LBTC) as collateral. This asset was deployed on the Mode network. The attacker deployed the forged LBTC on January 9, 2025, while Ionic records indicate that the attacker began interacting with the platform as early as December 12, 2024. After several weeks of business development (BD) discussions, the Ionic team approved the fraudulent asset as eligible collateral and provided a Balancer pool with $400,000 in liquidity, along with API3 oracle price feeds. Ultimately, the Ionic Mode main market accepted the forged LBTC as collateral, with a total supply of 250 LBTC. The attacker minted 250 LBTC in their own wallet and deposited them into Ionic as collateral, stealing $12.3 million worth of supplied assets. Attack method (per SlowMist): Social Engineering. Reported loss: $ 12,300,000.
- chain
- bitcoin
- protocol
- Ionic
- bug_class
- oracle
- date_occurred
- 2025-02-04
- loss_usd
- $12,300,000
- source_id
- sm:ionic::2025-02-04