$7.5M MIM Heist: Hacker Washes Stolen Crypto Through Tornado Cash

Another day, another crypto caper—this time with a $7.5 million twist. The hacker behind the MIM exploit just funneled the loot through Tornado Cash, proving once again that privacy mixers are the getaway cars of DeFi.

How it went down: The attacker bypassed security protocols, grabbed the funds, and vanished into the blockchain shadows. No fingerprints, no follow-up—just cold, hard crypto slipping through the cracks.

Why it matters: While regulators wring their hands over 'compliant DeFi,' the smart money keeps finding ways to stay anonymous. Tornado Cash strikes again—because nothing says 'financial freedom' like a digital laundry service.

The punchline? Wall Street still thinks crypto is the wild west. Meanwhile, traditional finance loses more to office coffee funds than this hacker took. Priorities, people.

How did the MIM hack happen?

On March 25 2025, MIM Spell was exploited for 6,261.13 ETH, which was equal to nearly $13 million. The MIM hack targeted its gmCauldron smart contracts, specifically the integration between decentralized exchange GMX and Abracadabra’s lending contracts.

According to the CertiK analysis paper, the exploit allowed the attacker to borrow funds without repaying them and liquidate the funds.

“This was due to the liquidation process not overwriting records in RouterOrder that counted as collateral, allowing exploiter to falsely borrow additional funds after liquidation,” wrote CertiK.

Shortly after the hack, MIM’s parent company Abracadabra Finance declared that it has bought back 50% of the losses it suffered in the $13 million exploit. The protocol also confirmed that user funds were unaffected by the attack.

The team said that it is currently working towards restoring the stolen crypto it had lost in the exploit. However, it is becoming increasingly difficult to track the funds once the hackers have put them through crypto mixers like Tornado Cash.