The Avalanche (AVAX) smart contract platform was the scene of an attack. The pirates managed to take the key to the field with a nice hoard. On the other hand, this offensive has affected several players in the industry.
Avalanche at the heart of a flash loan attack
On Twitter, CertiK, a cybersecurity company specializing in blockchain, reported an attack of the type flash loan on the Avalanche blockchain.
As a reminder, this is a cyberattack which consists, first of all, in exploiting the vulnerability of a smart contract to borrow digital assets without collateral via a DeFi protocol. Subsequently, the hacker manipulates the price of the asset in question so that it increases. And finally, he resells the cryptoassets he borrowed to collect a capital gain.
In this case, the attacker allegedly interacted with a smart contract and several liquidity providers to procure AVAX, the native token of the Avalanche network. In addition, this operation would have brought him $370,000 in USDC.
Some affected exchanges?
According to Certik, automated market maker Curve Finance, decentralized exchange (DEX) Trader Joe XYZ and trading platform lending Nereus Finance would have been impacted. That said, the flash loan attack do not have much impact on loan protocols. Insofar as they are assured of recovering at least the funds they have lent. On the other hand, these hack affect people who hold the relevant cryptocurrency. And sometimes, in very rare cases, the platform that issues this cryptoasset.
In this case, the attack would have taken place Tuesday around noon, universal time. Between 12:39 p.m. and 2:19 p.m. GMT, the price of AVAX increased by 7.5%. Then, in the hours that followed, it returned to its initial value. On the other hand, AVAX continued to fall until it was almost 12% below its high of the day.
This hack was identified thanks to Skynet, a tracking system on chain developed by CertiK which continuously tracks transactions in online smart contracts and identifies those that appear suspicious. Currently, the identity of the hacker is unknown. This is usually what happens in most attacks of this type.
Receive a digest of news in the world of cryptocurrencies by subscribing to our new service of
daily and weekly so you don’t miss any of the essential Tremplin.io!