Flash Loan Attack on Nirvana Drains $3.49 Million from Reserves

The Solana-based decentralized finance (DeFi) protocol Nirvana Finance is warning users that its utility coin has lost its collateral after a flash loan attack cost the platform over $3 million.

The group announced the attack took place on Thursday, July 29, 2022, draining the group’s reserves through a complicated swap involving USD Coin, Nirvana’s ANA coin, and Tether (USDT).

Flash Loan Attack Involves Borrowing USDC, Exchanging for ANA

Nirvana Finance confirmed the attack in the morning hours of July 29, saying on Twitter: “Nirvana has been maliciously hacked and the reserves have been stolen. A flashloan attack was used to steal money. This is not the fault of Solend, but an exploit of Nirvana's program.” SolanaFM co-founder FA2 described the attack in further detail, noting that it involved borrowing from the Solend Main Pool.

The hackers started the attack by borrowing $10 million in a flash loan from the Solend protocol. From there, the perpetrators used the coins to mint the full equivalent in ANA coins. Once the coins were in their possession, the ANA was quickly exchanged for USDT, resulting in a net gain of $3.49 million.

Afterwards, the $10 million of USDC was returned to Solend, while the $3.49 million from Nirvana Finance was converted to USDCet through Wormhole and the balance was transferred to an Ethereum address. It is unclear if the assets have since been liquidated or otherwise transferred into fiat.

As a result of the attack, Nirvana Finance is warning its customers that the ANA coin has lost its collateral, while the NIRV coin has lost its peg.

“Until the thief restores funds, these tokens will not have exchange value,” the protocol warned on Twitter. “Be very careful with trading NIRV & ANA, as they currently have no guaranteed value.”

Why Flash Loans Come with Dangers to DeFi

A flash loan was designed as a quick way for users to leverage DeFi platforms. The strategy involves taking a loan from a protocol without collateral, using the coins on another platform to gain a profit, and then paying back the loan with a small fee to the original lender.

While flash loans were designed to take advantage of differences in coin prices across exchanges or to gain money through collateral exchanges, malicious users have found ways to use them to steal money out of DeFi platforms. According to data from CipherTrace Cryptocurrency Intelligence, DeFi hacks involving all attack methods – including flash loans – increased over 2.8 times in the first half of 2021 alone, stealing over $361 million from DeFi platforms.

DeFi hubs across all blockchains can be attacked, so long as smart contracts allow for flash loans. Among the 30 DeFi platform attacks confirmed in the first half of 2021, protocols including Uranium Finance, Eleven.Finance, ChainSwap, and AnySwap were all targeted.
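For protocol teams watching their own reserves, the borrow, mint, sell, and repay sequence described above leaves a recognizable footprint inside a single transaction. The following is an added monitoring example, not code from Nirvana, Solend, or the original article; the account labels, the ANA quantity, the $1 stablecoin valuation, and the alert threshold are all assumptions.

```python
from collections import defaultdict

LENDERS = {"solend_pool"}            # hypothetical label for a known flash-loan pool
STABLE_USD = {"USDC": 1, "USDT": 1}  # assumption: stablecoins valued at their $1 peg

# Constructed sample: transfers inside ONE atomic transaction, following the flow
# in the article. Labels and the ANA quantity are made up; fees are omitted, and
# how USDT became USDC for repayment is not described there, so it is not modelled.
SAMPLE_TX = [  # (sender, receiver, token, amount)
    ("solend_pool", "actor", "USDC", 10_000_000),      # flash loan drawn
    ("actor", "nirvana_reserve", "USDC", 10_000_000),  # USDC paid in to mint ANA
    ("nirvana_reserve", "actor", "ANA", 1_000_000),    # ANA minted
    ("actor", "nirvana_reserve", "ANA", 1_000_000),    # ANA exchanged back
    ("nirvana_reserve", "actor", "USDT", 13_490_000),  # USDT paid out of reserves
    ("actor", "solend_pool", "USDC", 10_000_000),      # flash loan repaid
]

def net_flows(transfers):
    """Net balance change per (account, token) across the whole transaction."""
    net = defaultdict(int)
    for sender, receiver, token, amount in transfers:
        net[(sender, token)] -= amount
        net[(receiver, token)] += amount
    return net

def flash_loans(transfers):
    """Loans from a known lender that are fully repaid later in the same transaction."""
    found = []
    for i, (lender, borrower, token, amount) in enumerate(transfers):
        if lender not in LENDERS:
            continue
        repaid = sum(a for s, r, t, a in transfers[i + 1:]
                     if (s, r, t) == (borrower, lender, token))
        if repaid >= amount:
            found.append((lender, borrower, token, amount))
    return found

def reserve_drain_alerts(transfers, reserves, threshold_usd=100_000):
    """Monitored reserves whose stablecoin value fell in a flash-loan transaction."""
    if not flash_loans(transfers):
        return []
    usd = defaultdict(int)
    for (account, token), delta in net_flows(transfers).items():
        usd[account] += delta * STABLE_USD.get(token, 0)  # unpriced tokens are ignored
    return [(r, -usd[r]) for r in sorted(reserves) if -usd[r] >= threshold_usd]

if __name__ == "__main__":
    print(flash_loans(SAMPLE_TX))
    print(reserve_drain_alerts(SAMPLE_TX, {"nirvana_reserve"}))
```

The lender ends the transaction whole, which is why the loss only shows up when the reserve's net position is checked across the entire transaction rather than per transfer.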

Even though users are usually not targeted in flash loan attacks, the value of their tokens can be lost. However, there are ways retail coin holders can protect themselves from losing money:

  • Keep tokens in a cold wallet or non-custodial wallet: Coins kept off exchanges are safer, as hackers need access to your private keys.
  • Be aware of the risks in DeFi: Decentralized finance platforms can be more volatile by nature, based on their total value locked and economic factors. Be sure to understand the protocol’s background, white paper, roadmap, and stay informed on their blockchain to get a better view of the risk before buying in.
  • Diversify your portfolio: Keeping assets in just one coin can lead to a major loss in the event of an attack. By keeping a diverse set of coins, holders can reduce their chances of losing a lot of money if one of their coin protocols is attacked.