On October 15, blockchain security team Supremacy posted on social media that Earning.Farm’s EFLeverVault contract was hacked by two flashloans attacks.
The first attack was blocked by the MEV bot, with a loss of 480 ETH, and the second hacker completed the attack with a profit of 268 ETH.
After analysis, the vulnerability was caused by the contract’s quick loan callback function not verifying the express loan originator. An attacker could trigger the contract’s fast loan callback logic: pay the Aave stETH debt in the contract and withdraw, then exchange stETH for ETH. The attacker can then call the withdrawal function to withdraw the ETH balance in all contracts.
Earning.Farm is a Dapp that provides user-friendly investment tools in DEFI. The platform has not yet commented on the problem.
Although flashloan is a very convenient form of loan without collateral, it also comes with a lot of risks.
In fact, it is very easy to perform a Flash Loan attack. The majority of Flash Loan-related protocols are not yet resistant to these attacks. Besides, hackers can take advantage of the instant transaction advantage of fast loans to attack multiple markets at the same time.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join us to keep track of news: https://linktr.ee/coincu
Website: coincu.com
Foxy
CoinCu News
Key Points: Bitcoin Spot ETF Inflows totaled $449M, led by BlackRock’s $1.45B contribution. Ethereum Spot…
Discover the Best New Meme Coins to Join for 2025. BTFD Coin's price rollback offers…
Discover how DTX Exchange's historic achievement of 100,000 transactions per second on a layer-1 blockchain…
VanEck suggests the U.S. could reduce its national debt by 35% by 2050 through a…
President-elect Donald Trump named Bo Hines as the executive director of the presidential crypto council.
Explore the best new meme coins with 1000X potential. Learn how BTFD Coin leads with…
This website uses cookies.