On October 15, blockchain security team Supremacy posted on social media that Earning.Farm’s EFLeverVault contract was hacked by two flashloans attacks.
The first attack was blocked by the MEV bot, with a loss of 480 ETH, and the second hacker completed the attack with a profit of 268 ETH.
After analysis, the vulnerability was caused by the contract’s quick loan callback function not verifying the express loan originator. An attacker could trigger the contract’s fast loan callback logic: pay the Aave stETH debt in the contract and withdraw, then exchange stETH for ETH. The attacker can then call the withdrawal function to withdraw the ETH balance in all contracts.
Earning.Farm is a Dapp that provides user-friendly investment tools in DEFI. The platform has not yet commented on the problem.
Although flashloan is a very convenient form of loan without collateral, it also comes with a lot of risks.
In fact, it is very easy to perform a Flash Loan attack. The majority of Flash Loan-related protocols are not yet resistant to these attacks. Besides, hackers can take advantage of the instant transaction advantage of fast loans to attack multiple markets at the same time.
DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.
Join us to keep track of news: https://linktr.ee/coincu
Website: coincu.com
Foxy
CoinCu News
Nov 18th, Panama - Gate.io, a global leader in digital asset trading, has officially unveiled…
The Bitdeer convertible notes offer a 42.5% conversion premium, allowing conversion into cash with the…
Grand Cayman, Cayman Islands, 22nd November 2024, Chainwire
Best Cryptos to Invest in December 2024: Qubetics surges past $2.6M, Solana’s whale pump ignites…
As Bitcoin reaches unprecedented heights and the market surges, he's highlighting five altcoins poised for…
With the crypto market reaching new peaks, many are eager to discover digital currencies poised…
This website uses cookies.