A hacker steals several hundred thousand dollars thanks to a flash loan on Avalanche (AVAX)

Nereus Finance, a decentralized protocol operating on Avalanche (AVAX), suffered a $370,000 attack following price manipulation made possible through a flash loan. An unfortunately common method that has already enabled a large number of hacks in the field of decentralized finance (DeFi).

A DeFi protocol victim of flash loan on Avalanche

Nereus Financea decentralized blockchain lending protocol Avalanche (AVAX), suffered a theft equivalent to $370,000 on one of its smart contracts.

Avalanche is an open source platform allowing the creation of subnets and decentralized applications, all structured by its AVAX token. Find it in our detailed presentation of its ecosystem.

According to the explorer Snowtracethe attacker would have made a $51 million flash loan in order to manipulate prices on Nereus’ NXUSD market. Flash loans are instant loans requiring no collateral but needing to be repaid in a single transaction.

This solution sometimes makes it possible to generate profit by finding arbitrage opportunities in the decentralized finance (DeFi) ecosystem, but it is also sometimes used to manipulate prices and steal funds. The attacker, in the scenario we are talking about, generated a capital gain of $370,000 after repaying his loan.

He then transferred the funds to the Ethereum (ETH) network, before sending 45 ETH to 4 different wallets. The money was then transferred to FixedFloat, a Lightning Network swap protocol. As of this writing, the original wallet identified as belonging to the hacker only holds $15,840 in DAI.

👉 Keep your cryptocurrencies safe from hacks with the Ledger Nano X

The French unicorn of crypto wallets

A complete crypto experience, from buying to securing

toaster icon

The dangers of decentralized finance

the FBI recently highlighted the dangers of decentralized finance, and more specifically the hacks that are increasingly arriving in this ecosystem. The figures are unequivocal: 97% of stolen funds during the first quarter of 2022 come from DeFi.

The method of flash loans is also one of the most common, it was used in particular for the hack to $181 million from Beanstalk last April, or more recently for the $8.8 million Crema Finance hack in July.

However, it is the use of cross-chain bridges which remains the most fashionable method, these bridges being very important sources of liquidity due to their intrinsic structure. This is also the process that was used during the infamous ronin sidechain hack at $621 million, the largest in history.

Note, however, that security firms specializing in blockchain, such as PeckShield Where CertiK are able to detect suspicious activities on protocols and smart contracts more and more quickly.

The flash loan on the Nereus Finance market was first reported thanks to Skynetthe automatic detection software for abnormal activity on smart contracts deployed by CertiK.

👉 Master the cryptocurrency market with our Toaster group

Join Experts and a Premium Community


Invest in your crypto knowledge for the next bullrun

toaster icon

Source: Snowtrace

Newsletter 🍞

Receive a summary of crypto news every Monday by email 👌

What you need to know about affiliate links. This page presents assets, products or services relating to investments. Some links in this article are affiliated. This means that if you buy a product or register on a site from this article, our partner pays us a commission. This allows us to continue to offer you original and useful content. There is no impact on you and you can even get a bonus by using our links.

Investments in cryptocurrencies are risky. Cryptoast is not responsible for the quality of the products or services presented on this page and could not be held responsible, directly or indirectly, for any damage or loss caused following the use of a good or service highlighted in this article. Investments related to crypto-assets are risky by nature, readers should do their own research before taking any action and only invest within the limits of their financial capabilities. This article does not constitute investment advice.

Leave a Comment