Skip to content Skip to sidebar Skip to footer

This type of attack is a DeFi (Decentralized Finance) exploit in which a smart contract designed to support the provision of flash loans is hacked in order to steal assets from a specific pool.

What is Flash Loan Attach?

This type of attack involves a malicious actor opening a loan, using the borrowed funds to buy additional assets through arbitrage, and quickly repaying the loan with the remaining assets as profit.

DeFi protocols are permissionless and run entirely by smart contracts, so this exposure can only occur in DeFi protocols. Having no third party monitor the provision of uncollateralized loans provided through flash loan contracts makes DeFi platforms vulnerable to such attacks even though disintermediation offers many advantages like cost savings and resistance to censorship.

There have been many instances in which cybercriminals have been able to successfully carry out this type of malicious activity.

In May 2021, PancakeBunny, a popular Binance Smart Chain-based yield-farming platform was attacked. To manipulate the price of BNB, the flash loan attacker borrowed a large amount of BNB on PancakeBunny, thus manipulating its price against both the Binance USD stablecoin and Bunny tokens — when the flash loan attacker dumped their Bunny on the market, the price dropped.

> Newsletter <
Interested in Tech News and more?

Subscribe