Solana-based yield protocol suffers a $3.5 M in a Flash Loan attack

Nirvana Finance, a Solana-based Defi protocol, suffered a $3.5 million exploit using flash loans to manipulate and drain its liquidity pools.

The price of the protocol’s native ANA token sank 80% low in the past few hours, while its NIRV stablecoin lost its peg to the U.S. dollar and slipped to 8 cents (at the time of writing).

Nirvana let users earn annual yields of over 100% on their locked assets by developing and eliminating tokens based on user demand as the ANA tokens were purchased from and sold to the protocol. Over $3.5 million worth of ANA was sealed on the protocol before the attack on Thursday.

Similar: Solana’s Concentrated Liquidity Protocol suffers an $8.7 M Hack

Flash Loan attack

Flash loans are a prevalent way for attackers to acquire the funds to conduct exploits on decentralized finance (DeFi) systems. In April, the Beanstalk stablecoin protocol was depleted of $182 million, and last month more than $1.2 million was grabbed from Inverse Finance.

The loans permit traders to borrow unsecured funds from lenders utilizing smart contracts rather than from third parties. They do not mandate any collateral because the contract believes the transaction is complete only when the borrower repays the lender. This means a borrower defaulting on a flash loan would cause the smart contract to nullify the transaction and the money would be repaid to the lender.

Data from blockchain explorers show that the attack used over 10 million USDC sourced from the lending tool Solend in a flash loan. At that point over $10 million worth of ANA was minted, or assembled, and the entire amount was swapped to acquire $3.5 million worth of tether (USDT) from Nirvana’s treasury wallet.

This was possible because the treasury believed the 10 million USDC input to be authentic. Nonetheless, that wasn’t the case, and the protocol was hence duped into releasing its treasury’s liquidity.

The attacker managed to source over 10 million USDC in a flash loan and drained Nirvana’s liquidity pool

The total value locked on Nirvana plunged to 7 cents in European morning hours following the attack. Its entire liquidity pool was drained.

Further, the 10 million USDC was returned to Solend after the exploit. The stolen funds were moved to the Ethereum network using Wormhole, a blockchain tool that links Solana to other networks, and converted to DAI, an Ethereum-based stablecoin.

The attacker address – 0xB9AE2624Ab08661F010185d72Dd506E199E67C09 as of now holds over $3.5 million worth of DAI.

Nirvana’s trading functions were discontinued by developers following the attack.

Hungry for more information?

NFT Calendar from NFTHi

Check out the Latest NFT News!

For more interesting updates on NFTs, connect with NFTHI on Twitter and Instagram.

Join us on Telegram!

NFTHI does not recommend any kind of Investment in NFTs or NFT trading. All the strategies are merely educational references.

Conduct thorough research before you start with NFTs

Share This Post

Related Posts

Meta unveils Startup Accelerator in India, amid Metaverse Push

Meta is looking at India’s startup ecosystem as it...

Uniswap Protocol has blocked 253 crypto addresses

Uniswap Protocol, a Decentralised exchange has blocked 253 crypto...

Solana-based Defi platform Mango Hit By $100 Million Hack

Mango, a decentralized finance platform on the Solana blockchain,...

Logan Paul Announces ‘Liquid Marketplace’ For Fractionalized NFT Art

Famous Youtuber and social media personality Logan Paul just...

Meme NFT Auctions Are Back! ‘Coffin Dance’ Video Listed On Foundation

Guess who's back? Meme NFT auctions are well and truly...