Value DeFi was exploited for approximately $6 million Saturday, possibly due to a flash loan attack, Value DeFi’s loss came just two days after another DeFi platform Akropolis suffered a similar hack and lost about $2 million in total.
The MultiStables vault was the subject of a complex attack that resulted in a net loss of $6M. https://t.co/dnFRa5yPBJ
We are currently working on a postmortem and are exploring ways to mitigate the impact on our users.— Value DeFi Protocol (@value_defi) November 14, 2020
Flash loans allow users to borrow funds without collateralization because the lender expects the funds would be returned instantly.
At roughly 10:45 AM EST, a user took out a flash loan of 80,000 ETH (over $36 million) from lending protocol Aave, according to data from Etherscan.
According to Emiliano Bonassi, a self-described whitehat hacker and the co-founder of DeFi Italy, the attacker also sourced an additional $116 million flash loan in DAI from Uniswap.
Bonassi tweeted that the hacker swapped the flash-loaned ETH for stablecoins, deposited part of the flash-loaned DAI into Value DeFi’s multi-stablecoin vault, and then conducted a series of stablecoin swaps between USDT, USDC, and DAI designed to exploit the pricing used by the Value DeFi vault’s withdrawal method.
Source: Bonassi
Since the attack, the value of the VALUE token has plunged over 26%, from $ 2.73 to $ 1.98 at the time of writing.
Read more:
- Justin Sun: An Unknown Hacker Has Unsuccessfully Attacked The TRON Network During A Mainnet Upgrade
- Bitcoin Worth $26 Million From The 2016 Bitfinex Hack On The Move