Loading...

Wise Lending loses over $400,000 in a flash loan attack

Wise Lending

Most read

Loading Most Ready posts..

TL;DR

  • Web3 lending app Wise Lending has reported a flash loan exploit that saw the platform lose over $400,000 to malicious actors.
  • Defi protocols and their rocky start to 2024.

In a recent turn of events, Wise Lending, a Web3 lending app and yield aggregator, found itself at the center of an exploit on January 12, resulting in the loss of 170 Ether. This amounted to $440,000 at current market prices that Wise Lending lost, shedding light on the persistent vulnerabilities within decentralized finance (DeFi) protocols.

Wise Lending reports flash loan attack

The Wise Lending attack unfolded at 7:29 pm UTC, orchestrated by an unidentified party that employed an unverified contract with an address ending in d82c. The modus operandi involved transferring a variety of tokens into this contract, including $9,000 worth of USD Coin, $2,000 worth of Tether, $5,000 worth of Dai, 18.51 Wrapped Ether (WETH) valued at $47.694, and several tokens associated with Pendle Finance. The exploit took a significant turn as the attacker borrowed 1,110 Lido Staked Ether (stETH) tokens, totaling $2.9 million, from the Aave lending protocol.

Flash loans, a common tool for exploiters, facilitated the manipulation of oracle prices, a technique that exploits vulnerabilities in pricing mechanisms. Pseudonymous blockchain security researcher Spreek was quick to raise the alarm on social media, disclosing that Wise Lending had fallen victim to an exploit resulting in the loss of approximately 170 ETH. Speculation emerged within the crypto community, with Spreek suggesting a potential association between the vulnerability and a new Pendle Finance derivative token.

Defi protocols and their rocky start to 2024

Another security researcher, Officer’s Notes, echoed the sentiment, emphasizing the recurring nature of such exploits, stating, “Another day, another exploit.” Officer’s Notes delved into the technicalities, proposing that the vulnerability might be linked to a 7% price swing between stETH and ETH within a specific pool. This swing, according to the Officer’s Notes, was influenced by an AAVE v2 stETH flashloan. The unfolding of events in the early days of 2024 has set a concerning tone for the DeFi landscape. Losses exceeding $5 million have been recorded through exploits on various protocols.

Radiant Capital experienced a significant blow on January 3, losing over $4.5 million, while Gamma Protocol, a liquidity manager, succumbed to an exploit, losing over $400,000 the following day. The vulnerability of DeFi protocols to exploits has been a persistent concern, with 2023 witnessing cumulative losses of over $1.8 billion due to crypto hacks, scams, and exploits, according to blockchain security platform Certik. These incidents highlight the urgency for heightened security measures, regular audits, and swift responses to vulnerabilities within the rapidly evolving DeFi space.

As the crypto ecosystem advances, the need for protocols to adapt and reinforce their defenses becomes increasingly apparent. Comprehensive security practices are vital to protect user funds and preserve the credibility of decentralized financial platforms. The frequency and sophistication of these exploits underscore the challenges faced by the DeFi community, emphasizing the continuous efforts required to ensure the integrity and security of decentralized finance in an ever-changing landscape.

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

Share link:

Owotunse Adebayo

Adebayo loves to keep tab of exciting projects in the blockchain space. He is a seasoned writer who has written tons of articles about cryptocurrencies and blockchain.

Stay on top of crypto news, get daily updates in your inbox

Related News

Cryptopolitan
Subscribe to CryptoPolitan