Dot Finance suffered a Flash Loan Attack
Dot Finance, a DeFi project based on the Polkadot blockchain, was a victim of yet another flash-loan attack. The attack was possible due to improper mint amount calculation.
WHY FLASH LOAN ATTACKS ARE THE NEW BLACK?
Money for Nothing. That’s what Flash loans are termed as in the DeFi space. But in the recent past, various DeFi platforms were siphoned off over millions through ‘Flash Loan’ Attacks.
Luna Yield siphoned off for $6.7M
Luna Yield, a Solana blockchain based DeFi project rug-pulled investors, causing the total damage of $6.7 Million.
In the crypto space, rug pull is described as a situation wherein the developers of a crypto project pull out support, thereby leaving the investors and users with worthless tokens.
Crypto Exchange HitBTC was attacked, loss - $1M
Sentinel Network reported that crypto exchange HitBTC was hacked, with a total loss amounting to 40 million DVPN tokens (~£730,000) (or) $1M that users had entrusted to the platform. The DVPN utility token acts as a reward for providing bandwidth to a distributed p2p VPN network.
Solend attacked for $16K
Solend, an algorithmic, decentralized protocol for lending and borrowing on Solana was hacked after a hacker successfully cracked the insecure identity check in the “UpdateReserveConfig” function which allowed the hacker to liquidate all user accounts. The hacker also set the APY of borrowed funds to 250%. Mistakenly, funds of 5 users were stolen amounting to $16,000. The hacker will refund affected users’ funds.
Vulnerability Write-ups
The Insecure Ways for Mint Amount Calculation - Dot Finance Analysis by Inspex team.
Solend Incident Report by Rooter Nope.
DeFi Security
Auditing Smart Contracts - Security Review of Ethereum Applications by Mudit Gupta.
From QuillAudits Table
More than 100+ projects wew duped off for $500M due to - “coding errors”. Want to know the best DeFi coding practices?