Value DeFi was exploited for approximately $6 million by flash loan attack
Value DeFi was exploited for approximately $6 million Saturday, possibly due to a flash loan attack, Value DeFi’s loss came just two days after another DeFi platform Akropolis suffered a similar hack and lost about $2 million in total.
The MultiStables vault was the subject of a complex attack that resulted in a net loss of $6M. https://t.co/dnFRa5yPBJ
We are currently working on a postmortem and are exploring ways to mitigate the impact on our users.
— Value DeFi Protocol (@value_defi) November 14, 2020
Flash loans allow users to borrow funds without collateralization because the lender expects the funds would be returned instantly.
At roughly 10:45 AM EST, a user took out a flash loan of 80,000 ETH (over $36 million) from lending protocol Aave, according to data from Etherscan.
According to Emiliano Bonassi, a self-described whitehat hacker and the co-founder of DeFi Italy, the attacker also sourced an additional $116 million flash loan in DAI from Uniswap.
Bonassi tweeted that the hacker swapped the flash-loaned ETH for stablecoins, deposited part of the flash-loaned DAI into Value DeFi’s multi-stablecoin vault, and then conducted a series of stablecoin swaps between USDT, USDC, and DAI designed to exploit the pricing used by the Value DeFi vault’s withdrawal method.
Since the attack, the value of the VALUE token has plunged over 26%, from $ 2.73 to $ 1.98 at the time of writing.
- Justin Sun: An Unknown Hacker Has Unsuccessfully Attacked The TRON Network During A Mainnet Upgrade
- Bitcoin Worth $26 Million From The 2016 Bitfinex Hack On The Move