A “flash loan” attack took place on the Avalanche network, and the hacker who carried out the attack stole 370 thousand dollars.
A smart contract vulnerability was exploited in a flash loan attack on the Avalanche network.
Flash Loan Attack in Avalanche
Avalanche, which came to the agenda with the statements of CryptoLeaks in the past weeks, now has a flash loan attack. Decentralized exchange Trader Joe, Nereus Finance and Curve Finance are thought to be affected by this attack. Details were shared in a Tweet. The attacker exploited a smart contract vulnerability in the Avalanche network, and the attacker used Wrapped Avalanche to withdraw their funds.
https://twitter.com/CertiKAlert/status/1567314528357990401
A flash loan attack is a smart contract security abuse event in which a malicious person borrows unsecured funds from the loan protocol and increases the value of a particular asset by manipulating its price.
Due to the nature of the instant loan, the attacker succeeds to arbitrage the asset and then profits from the difference and sells the borrowed capital back in the same transaction.
CertiK’s on-chain security software that actively monitors and displays suspicious smart contract data online has been caught by Skynet. The identity of the attacker is unknown, as in typical flash loan attacks.