Solana-based yield protocol suffers a $3.5 M in a Flash Loan attack

Nirvana Finance, a Solana-based Defi protocol, suffered a $3.5 million exploit using flash loans to manipulate and drain its liquidity pools.

The price of the protocol’s native ANA token sank 80% low in the past few hours, while its NIRV stablecoin lost its peg to the U.S. dollar and slipped to 8 cents (at the time of writing).

Nirvana let users earn annual yields of over 100% on their locked assets by developing and eliminating tokens based on user demand as the ANA tokens were purchased from and sold to the protocol. Over $3.5 million worth of ANA was sealed on the protocol before the attack on Thursday.

Similar: Solana’s Concentrated Liquidity Protocol suffers an $8.7 M Hack

Flash Loan attack

Flash loans are a prevalent way for attackers to acquire the funds to conduct exploits on decentralized finance (DeFi) systems. In April, the Beanstalk stablecoin protocol was depleted of $182 million, and last month more than $1.2 million was grabbed from Inverse Finance.

The loans permit traders to borrow unsecured funds from lenders utilizing smart contracts rather than from third parties. They do not mandate any collateral because the contract believes the transaction is complete only when the borrower repays the lender. This means a borrower defaulting on a flash loan would cause the smart contract to nullify the transaction and the money would be repaid to the lender.

Data from blockchain explorers show that the attack used over 10 million USDC sourced from the lending tool Solend in a flash loan. At that point over $10 million worth of ANA was minted, or assembled, and the entire amount was swapped to acquire $3.5 million worth of tether (USDT) from Nirvana’s treasury wallet.

This was possible because the treasury believed the 10 million USDC input to be authentic. Nonetheless, that wasn’t the case, and the protocol was hence duped into releasing its treasury’s liquidity.

flash-loan-attack-nirvana-finance-protocol
The attacker managed to source over 10 million USDC in a flash loan and drained Nirvana’s liquidity pool

The total value locked on Nirvana plunged to 7 cents in European morning hours following the attack. Its entire liquidity pool was drained.

Further, the 10 million USDC was returned to Solend after the exploit. The stolen funds were moved to the Ethereum network using Wormhole, a blockchain tool that links Solana to other networks, and converted to DAI, an Ethereum-based stablecoin.

The attacker address – 0xB9AE2624Ab08661F010185d72Dd506E199E67C09 as of now holds over $3.5 million worth of DAI.

Nirvana’s trading functions were discontinued by developers following the attack.


Hungry for more information?

NFT Calendar from NFTHi

Check out the Latest NFT News!

For more interesting updates on NFTs, connect with NFTHI on Twitter and Instagram.

Join us on Telegram!


NFTHI does not recommend any kind of Investment in NFTs or NFT trading. All the strategies are merely educational references.

Conduct thorough research before you start with NFTs

Share This Post

Related Posts

Star Trek NFT Collection Drops Out Today

Thanks to Paramount Global and RECUR, the official Star...

Shannon Snow Is The New COO Of World Of Women

One of the top NFT collectibles, World Of Women...

Veve teams up for NFT Drops of Marvels NFT Artwork

On August 29, the digital collectibles company Veve revealed...

Spotify teams up with Roblox for Planet Hip-Hop

Spotify and Roblox are all set to bring players a...

Ukraine has seized assets from OTC Crypto brokers

Ukrainian prosecutors said they have got a hold of...

Microsoft Surprises Its Metaverse with Xbox and Teams Releases

A few months after Facebook rebranded to Meta, Microsoft...
spot_img