Avalanche, which has recently come to the fore with the news of lawsuits and market manipulation, is now on the agenda of attacks. Blockchain cybersecurity firm CertiK announced the attack on the AVAX network. According to CeriK’s post, the giant altcoin project fell victim to a “flash loan” attack. The attackers stole $370,000 worth of USD Coins (USDC) from a smart contract and several lenders. Several major DeFi projects have also suffered from this incident.
Avalanche victim of “flash loan” attack
Blockchain cybersecurity firm CertiK announced the attack in a statement Tuesday. Accordingly, a “flash loan” attack on the Avalanche network took place. This attack resulted in $370,000 in USDC from a smart contract and several liquidity providers. Aside from the popular altcoin asset, several major DeFi projects have also suffered. These include Trader Joe, a DEX, Nereus Finance, a staking protocol, and Curve Finance, an AMM.
AVAX and CertiK did not respond to questions
The attack took place at around 3:26 p.m. Tuesday. This attack soon caught on Skynet’s radar. Skynet is CertiK’s on-chain security software that actively monitors and displays suspicious smart contract data online. After the attack, organizations tried to contact CertiK and Avalanche. However, both companies avoided answering questions from the media. The identity of the attacker remains unknown, as in most cases involving flash credit exploits.
What is Avalanche?
Avalanche is a layer-1 smart contract platform built by Singapore-based Ava Labs. The altcoin project has come to the fore in recent years and has become one of the top 20 cryptocurrencies in terms of market capitalization. Currently, it still maintains its place in the top 20. Compatible with Ethereum, Avalanche network provides a decentralized application ecosystem. It also offers staking through the Proof-of-Stake consensus mechanism.
What is a flash loan attack?
Flash loan attacks occur when a malicious actor typically borrows unsecured funds from a loan protocol and manipulates the price of a particular asset. In other words, it is a type of attack in which the attacker increases the value of the borrowed asset through manipulation. Malicious actors abuse the security of smart contracts in such attacks. The nature of flash loans is offensive, pocketing the difference once it manages to arbitrage the asset. Thus, it sells back the borrowed capital in the same transaction.
Flash loan incidents have played a leading role in several previous high-profile crypto heists. As Cryptokoin.com reported, the attack on DeFi application Beanstalk, which lost $182 million, was one of them. Accordingly, the Beanstalk attack includes the third largest crypto heist of 2022.