Solana-based decentralized finance yield protocol, Nirvana, is the latest victim of a flash loan attack in the cryptocurrency space.
- Data from blockchain security firm, PeckShield, revealed that the attacker managed to drain nearly $3.5 million worth of funds from the protocol.
- It all started when the entity behind the exploit used a $10 million flash loan in USDC stablecoin to mint $10 million worth of ANA tokens from the Solend Main Pool Vault.
- Flash loan attacks are basically a rapid pump-and-dump that uses the quick and collateral-free borrowing available via some DeFi platforms.
- The protocol oracle feed was manipulated to artificially jack up the holdings of ANA tokens’ to surpass $10 million, which was then swapped for $13.49 million in USDT.
- The hacker converted the full USDT amount into USDCet, thereby transferring the funds into an ETH account through Wormhole.
- The attack eventually led to a drain of $3.49M USDT from the Nirvana Finance Treasury.
- Nirvana is yet to release an official statement regarding the exploit, but Solend has confirmed the incident in a tweet,
“We’re aware of a @nirvana_fi exploit that made use of Solend flash loans. We’re in contact with the team to help in any way we can. Funds on Solend are safe.”
- In recent months, several protocols have suffered flash loan attacks.
- As reported earlier, DeFi protocol, Beanstalk Farms lost $180 million in a similar incident. It appeared that the hacker donated 250,000 USDC to the Ukraine Crypto Donation wallet.