Avalanche Flash Loan Attack Nets $370K
Flash loan attack on Avalanche detected by cybersecurity firm CertiK
Blockworks Exclusive art by axel rangel
key takeaways
- The flash loan is said to have generated hundreds of thousands of dollars worth of USDC for the attacker
- DEX Trader Joe, staking platform Nereus Finance and AMM Curve Finance are believed to have been affected
A flash loan attack on the Avalanche blockchain has extracted $370,000 in USDC from a smart contract, as well as several liquidity providers, blockchain cybersecurity firm CertiK said Tuesday.
Decentralized exchange Trader Joe, staking platform Nereus Finance and automated market maker Curve Finance are thought to have been impacted, the firm said in a tweet.
A flash loan exploit is an abuse of a smart contracts security whereby a nefarious actor typically borrows uncollateralized funds from a lending protocol and manipulates the price of a given asset, driving up its value.
Because of the nature of a flash loan, the attacker then sells back the borrowed capital in the same transaction after they’ve managed to arbitrage the asset, pocketing the difference.
The attack, executed around 3:26 pm ET on Tuesday, was picked up by CertiK’s on-chain security software Skynet which actively monitors and displays suspicious smart contract data online.
Blockworks attempted to contact CertiK and Avalanche but did not receive a response by press time. The identity of the attacker, as in the majority of cases involving flash loan exploits, remains unknown.
Avalanche, a layer-1 smart contract platform built by Singapore-based Ava Labs, has risen to prominence in recent years, having grown to become a top 20 crypto in market cap terms.
Compatible with Ethereum, the Avalanche network consists of an ecosystem of decentralized application as well as staking initiatives via its proof-of-stake consensus mechanism.
Flash loans have been involved in several high-profile crypto heists before, including the third-largest of 2022, when DeFi dapp Beanstalk lost $182 million.
Get the news in your inbox. Explore Blockworks newsletters:
- Blockworks Daily: The newsletter that helps thousands of investors understand crypto and the markets, by Byron Gilliam.
- Empire: Start your morning with the top news and analysis to inform your day in crypto.
- Forward Guidance: Reporting and analysis on the growing intersection of crypto and macroeconomics, policy and finance.
- 0xResearch: Alpha directly in your inbox. Market highlights, data, degen trade ideas, governance updates, token performance and more.
- Lightspeed: Built for Solana investors, developers and community members. The latest from one of crypto’s hottest networks.
- The Drop: For crypto collectors and traders, covering apps, games, memes and more.
- Supply Shock: Tracking Bitcoin’s rise from internet plaything worth less than a penny to global phenomenon disrupting money as we know it.
