On-chain knowledge reveals that the attacker behind the Magic Web Cash or MIM hack in March 2025 not too long ago despatched by means of $7.5m value of stolen funds into crypto mixer platform Twister Money.
Based on on-chain data from blockchain safety agency CertiK, the MIM attacker was caught sending 3,001 ETH (ETH) or roughly $7.57 million from a crypto wallet deal with starting with 0x51baB into the decentralized crypto mixer Tornado Cash.
This transaction quantities to greater than half of the stolen funds from the assault on Abracadabra Finance’s stablecoin, which was $13 million in losses.
“The MIM_Spell exploiter has simply despatched 3,001 ETH (~$7.57M) to Twister Money from 0x51baB,” wrote CertiK in its latest post.
The chain of wallet transfers represented by a chart created by CertiK confirmed that the funds had been moved by means of 4 completely different Ethereum-based addresses. The primary switch moved 6,261 ETH, which is the same as quantity of stolen from MIM, then the second and third wallets moved 3,001 ETH earlier than sending it to a recognized Twister Money deal with.
How did the MIM hack occur?
On March 25 2025, MIM Spell was exploited for six,261.13 ETH, which was equal to almost $13 million. The MIM hack focused its gmCauldron sensible contracts, particularly the mixing between decentralized trade GMX and Abracadabra’s lending contracts.
Based on the CertiK evaluation paper, the exploit allowed the attacker to borrow funds with out repaying them and liquidate the funds.
“This was because of the liquidation course of not overwriting data in RouterOrder that counted as collateral, permitting exploiter to falsely borrow further funds after liquidation,” wrote CertiK.
Shortly after the hack, MIM’s mother or father firm Abracadabra Finance declared that it has purchased again 50% of the losses it suffered within the $13 million exploit. The protocol additionally confirmed that consumer funds had been unaffected by the assault.
The workforce stated that it’s at the moment working in direction of restoring the stolen crypto it had misplaced within the exploit. Nevertheless, it’s changing into more and more tough to trace the funds as soon as the hackers have put them by means of crypto mixers like Twister Money.
