Avalanche Flash Loan Attack Sums $370,000

A flash loan attack on the Avalanche blockchain, according to blockchain cybersecurity firm CertiK, resulted in the theft of $370,000 in USDC from a smart contract and other liquidity providers.

It’s thought that DEX Trader Joe, staking platform Nereus Finance, and AMM Curve Finance were impacted. During the night, a flash loan assault on the Avalanche blockchain allowed the hacker to extract about $370,000 USDC.

The attack was carried out over a smart contract that began with the code “0xe767c,” and took place on Tuesday at 3:26 p.m. ET, according to data from Skynet, the on-chain security software of blockchain security company CertiK, which also detects unusual movements in smart contracts. As with many other flash loan attacks, the hacker was undetectable.

The company stated in a tweet that it believes its decentralized exchange Trader Joe, staking platform Nereus Finance, and automated market maker Curve Finance have all been disrupted.

#CertiKSkynetAlert🚨

CertiK Skynet has reported a #flashloan attack on #AVAX impacting contract 0xe767c… & some LPs. The attacker profited ~$370k USDC.

Possible impacted protocols include:@nereusfinance @traderjoe_xyz @CurveFinance
Contact us for analysis.

Stay Frosty!☃️ pic.twitter.com/bZvtgVPpl4

— CertiK Alert (@CertiKAlert) September 7, 2022

In a flash loan exploit, a malicious actor typically obtains uncollateralized funds from a lending protocol and manipulates the price of an asset to raise its value. This is an abuse of smart contracts security.

Instead of a hacking incident, flash loan assaults use a loophole in smart contracts to manipulate prices. Attackers steal an unsecured loan from a loan protocol, modify it, and then increase the price. Following these quick moves, the aggressive nature of such “bankruptcy loans” sells the lent assets and settles the obligation. He has the extra money in his pocket.

Ava Labs- a Layer 1 Smart contract

Ava Labs, the Singapore-based business that developed the Avalanche blockchain, has been struggling lately, in part because of what a lawyer stated in a covert video. The Layer-1 smart contracts platform has been well-known in recent years after breaking into the top 20 cryptocurrencies in terms of market size.

The Avalanche network, which works with Ethereum, has a decentralized application ecosystem as well as staking initiatives thanks to its proof-of-stake consensus mechanism.

Due to the nature of a flash loan, after the attacker has successfully arbitraged the asset, they sell back the borrowed funds in the same transaction and keep the profit.

By the time of publication, Blockworks had contacted CertiK and Avalanche but had not heard back. As is typical in most instances utilizing flash loan attacks, the identity of the attacker is still unclear.

Flash Loans Attackers are still yet to be Identified

Prior high-profile cryptocurrency heists with flash loans included the third-largest of 2022, in which DeFi dapp Beanstalk lost $182 million. The attacker’s identity is still a mystery, as is customary in the majority of situations involving flash loan attacks.

Also, C.R.E.A.M. Finance was under attack multiple times in 2021. One of the biggest heists involved $130 million. The culprits stole CREAM liquidity tokens, amounting to millions of dollars over an undisclosed amount of time. All the losses are visible on-chain, and the culprits have yet to be caught.

Our Ethereum C.R.E.A.M. v1 lending markets were exploited and liquidity was removed on October 27, 1354 UTC. The attacker removed a total of ~$130m USD worth of tokens from these markets, using this address: https://t.co/17sPIDpCmr
No other markets were impacted.

— Cream Finance 🍦 (@CreamdotFinance) October 27, 2021