Decentralized finance (DeFi) hit the pause button early Tuesday after a hacker exploited the platform with complex set of transactions, yielding a profit of more than 2378 ether (ETH).
The hacker took a flash loan of 7500 ETH, of which 3518 were converted to Synthetix's USD stablecoin (sUSD), which were then used as collateral for the bZx loan.
The hacker then boosted sUSD prices to $2 by placing buy order worth 900 ETH for the stablecoin on Kyber Network.
Using the inflated collateral, another loan of 6,796 ETH (roughly $1.8 million) was raised through bZx, which was then used to pay back the original 7,500 ETH loan. In the process, the trader pocketed 2,378 ether. Meanwhile, bZx reportedly lost 2,716 ETH.
The hacker has now left an open loan with half the required collateral now sUSD has returned to its dollar-pegging. bZx fell victim to a similar flash-loan based attack on Feb. 14, which saw hackers take away $2,300 ETH.
A few observers are blaming flash loans for the recent attacks on DeFi. After all, flash loans do not require collateral and reduce costs associated with launching DeFi attacks.
That said, the real issue could be with the decentralized exchanges, which are prone to manipulation due to poor liquidity, as noted by Emin Gün Sirer, CEO of AVA Labs. |