In the wee hours of Tuesday, a flash loan attack was carried out using the Avalanche network. A specific smart contract as well as a number of liquidity providers were the targets of the attack. According to blockchain cybersecurity company CertiK, the attacker made $370,000 in gains.
A flash loan attack is a misuse of a platform’s smart contract security in which an attacker typically borrows large sums of money without putting up any security. Then, they engage in arbitrage trading to profit.
In order to do this, they manipulate the price of a cryptocurrency asset on one market before selling it again almost immediately on another. Attackers normally follow the method precisely and promptly, repeating it several times before finishing.
According to CertiK, three possible protocols may have been harmed in the most recent Avalanche breach. The same applied to the DEX platform Trader Joe, the staking platform Nereus Finance, and the AMM Curve Finance.
Notably, CertiK’s on-chain security programme Skynet detected the attack, which took place on Tuesday at 7:26 p.m. UTC.
In recent years, a number of crypto heists have involved flash loans. For instance, the Ethereum-based system Beanstalk was compromised in April and approximately $180 million was stolen. The attacker(s) apparently obtained a flash loan using the lending marketplace Aave, allowing them to stockpile a sizable quantity of Stalk, Beanstalk’s native governance token. The attacker(s) were able to swiftly pass a fraudulent governance proposal that syphoned off all protocol funds into a personal Ethereum wallet thanks to the voting power provided by these Stalk tokens.
However, as shown below, the amount of money taken without using flash loans (in purple) increased in August, demonstrating that DeFi criminals do not always take the same path used by the Avalanche/Beanstalk hackers.
Avalanche’s DeFi efficiency
Avalanche has not been doing well on the DeFi front. For instance, the total value of assets locked on its platform has been declining over the past six months and was only $1.7 billion at the time of publication, reflecting a 4.1% daily loss.
Furthermore, competing protocols like Solana have been able to post superior figures even on the revenue front. The Web3 analyst for Aurum Crypto recently used Twitter to highlight the aforementioned pattern. Solana had earned about $50,000 every day in fees over the previous three months. The figure for Avalanche, on the other hand, was in the $25–$30k range.
With being stated, it should be mentioned that Solana spends more on security. In other words, there is a large disparity between the cost and profitability of the two procedures. The expert tweeted, “Calling out the same,”