Two Defi Protocols on the Gnosis chain faced a Flash loan attack and resulted in a big amount of loss.
Defi ( Decentralized finance) is a concept that was introduced in the crypto industry in Q4 2018 but resulted in some better crypto trends in 2020. Due to the highly decentralized nature and new to this space there are huge vulnerability issues in the Defi-based platforms and these are causing huge losses because of loopholes and Vulnerabilities.
On 15 March, Agave lending platform confirmed on Twitter that they faced a hacking attack and they are investigating this incident.
Due to this incident, the smart contract protocol paused its operations till the solution of the main issue of the platform to ensure the protection of the funds locked in the smart contract.
On the same day, Deus Finance DAO also got exploited because of the flash loan attack. Deus Finance lost around $3 million.
Tenderly did an investigation on these two incidents. According to the investigation, hackers exploited the Protocols because of the reentrancy vulnerability in the smart contract.
Reentrancy is a Solidity programming language vulnerability, which helps bad actors to trick the smart contract to give access to an external call to an untrusted smart contract.
In the case of Agave and Hundred Finance, hacker/hackers tricked the platform with the help of a reentrancy bug to open the portal to facilitate flash loan attacks. Both of these two protocols lost around $11 million in total.
Flash loan attack: best option for hackers
Flash loan is a feature in the Defi Ecosystem, which allows traders to take loans & buy-sell assets without registration of any centralized crypto wallet under high price differences of crypto assets in between two or more exchanges.
Flash loan is a unique feature but it is continuously causing big issues for the Defi protocol because flash loan attacks are much easier for hackers to trick Defi protocols and steal money without any need of personal identity details.
Don’t miss a thing, sign up for our newsletter