Ionic Protocol
Summary
Ionic Protocol (also known as Ionic Money) is a decentralized non-custodial lending and borrowing protocol deployed on the Mode Network (OP Superchain). It is a rebrand of Midas Capital, which suffered two separate exploits in 2023 totaling approximately $1.26 million. In February 2025, Ionic itself was exploited via a social engineering attack involving a counterfeit LBTC token, resulting in losses estimated between $8.6 million and $12.3 million; funds were partially laundered through Tornado Cash and have not been recovered.
Connected Entities
1 entitiesTimeline(10 events)
2021-11-01
Midas Capital founded with a vision of multichain isolated-pool lending.
2023-01-15
Midas Capital first exploit: approximately $660,000 drained via read-only reentrancy vulnerability in Curve LP collateral on Polygon.
2023-06-17
Midas Capital second exploit: approximately $600,000 drained via rounding error in Compound V2-derived code on BNB Chain.
2023-01-01
Midas Capital sunsetted; team begins rebrand to Ionic Protocol on Mode Network.
2024-12-12
Alleged attacker begins interacting with Ionic Protocol, impersonating Lombard Finance team in BD discussions.
2025-01-09
Attacker deploys counterfeit LBTC smart contract (0x964dd444e3192f636322229080a576077b06fba3).
2025-02-04
Ionic Money exploit begins: attacker mints 250 fake LBTC, deposits as collateral, and borrows approximately $8.6–$12.3 million in real assets.
2025-02-04
Attacker bridges ~1,204 ETH ($3.2 million) from Mode Network to Ethereum and launders funds through Tornado Cash.
Decision Log
- hash: rJBc5anxykJ8rtAKC5jVr2AyMQw66Z8q97jgQSohGSk
This investigation is cryptographically anchored to the Solana blockchain and source URLs are archived via the Internet Archive.
model: claude-sonnet-4-6
generated: 5/4/2026, 2:54:25 AM
last updated: 5/28/2026, 1:44:43 AM
avoid.net — verified advice for a post-truth world