InsideBitcoins.com

Value DeFi Hit by $6 Million Loan Flash Exploit

DeFi

Value DeFi seems to be the victim of a $6 million flash loan attack. This happened after a Twitter thread on Friday, detailing the prevention method of similar exploit technology.

https://twitter.com/value_defi/status/1327469664620802050

The incident occurred on Friday night before Emilo Frangela, Aave Protocol’s developer, raised an alarm about the exploited loan. A user removed a flashloan of 80,000 ETH (worth more than $36 million) from the lending protocol.

Emiliano Bonassi, the co-founder of DeFi Italy and a self-described white-hat hacker, revealed that the hacker also removed an extra $116 million flash loan from Uniswap.

Flash-loaned ETH exchanged for stablecoins

According to Bonassi, the attacker took stablecoins and replaced with the flash-loaned ETH. He kept some of the flash-loan DAI to Defi’s multi-stablecoin vault. Afterward, the attacker carried out several swaps of stablecoin between DAI, USDC, and USDT meant to launch an exploit on the pricing utilized in the withdrawal method of Value Defi.

One of the most sophisticated attacks

During a recent interview, he pointed out that the attack was one of the most sophisticated attacks he has seen for a long time, even though it was similar to the Harvest Finance attack.

hancock-regional-hosptial-ransomware-attack-1024x640.jpg

Bonassi also revealed that the attack was the first time he had seen a threat actor using two flash loans in a single attack. Later that night, the community Discord released a statement that admitted there was a flash loan attack.

“We are aware of the current situation with the MultiStables vault,” the board acknowledges. The statement further asked users to be patient while the developers investigate the situation. It also informed users that apart from the attacked vault, other vaults are working properly.

Few minutes after the attack, the threat actor carried out an ETH transaction that allegedly taunted the Value DeFi protocol using a message delivered to the address of the protocol deployed.

“Do you really know flashloan? “, the statement reads. To deliver the message, the threat actor had to remove $.31 from his hacking gains to pay for the message. Shortly afterward, the protocol announced on Twitter that it was preparing a postmortem for the attack that resulted in the loss of $6 million for the users.

The attack has directly led to the depreciation o the $VALUE token by from 2.73 to 2.01, which is more than a 25% reduction.

This attack is one of the several setbacks the DeFi space has had within the past two weeks, which included an attack on Akpropolis protocol.

Top brokers for buying and trading cryptocurrencies

  • Platform
  • Features
  • Rating
  • Visit Site
  • US-Friendly
  • Paypal accepted
  • 12+ cryptocurrencies
4.5/5

Visit Site
75% of retail investors lose money.
eToro Reviews

    eToro Reviews

    https://insidebitcoins.com/visit/etoro-newsCreate your account
    Hide eToro Reviews
    • Best broker for non-US countries
    • Trade crypto CFDs, forex and stocks
    • No withdrawal or deposit fees
    4.5/5

    Visit Site
    80.5% of retail investors lose money.
    Plus500 Reviews

      Plus500 Reviews

      https://insidebitcoins.com/visit/plus500-newsCreate your account
      Hide Plus500 Reviews
      Remember, all trading carries risk. Past performance is no guarantee of future results.
      Avatar

      A journalist, with experience in web journalism and marketing. Ali holds a master's degree in finance and enjoys writing about cryptocurrencies and fintech. Ali’s work has been published on a number of cryptocurrency publications.

      Leave a Reply

      Your email address will not be published. Required fields are marked *