Flash loan attacks are no flash in the pan. They’re in fact becoming a very serious problem in the cryptocurrency and specifically decentralized finance (DeFi) space.

In this article we’ll take a look at what they are, how they work, and how to take profit from it if you are not the atacker.

What Is a Flash Loan Attack?

Flash loan attacks are the most common types of DeFi attacks since they are the cheapest to pull off and easiest to get away with. They have been consistently making headlines since DeFi’s surge in popularity in 2020 and appear to be growing more rampant in 2021, spanning several hundred million dollars in losses to date.

How Flash Loan Attacks Work

For this to work, the process needs to happen fast and the debt must be repaid to the protocol in time, otherwise the transaction will reverse. A decentralized lender doesn’t require collateral from you since the agreement to pay your debt is enforced by a blockchain. Flash loan attackers thrive on finding ways to manipulate the market while still abiding by a blockchain’s rules.

Case Studies

PancakeBunny Attack

The attacker initially borrowed a large amount of BNB through PancakeSwap and used it to manipulate the price of USDT/BNB and BUNNY/BNB in PancakeBunny’s pools. This allowed the hacker to steal a large amount of BUNNY, which they dumped on the market, causing the price to crash. The hacker then paid back the debt via PancakeSwap.

Data suggests that the hacker was able to get away with nearly $3 million in profits, leaving a tarnished protocol in its wake.

Alpha Homora Exploit

The hacker repeatedly borrowed sUSD from Iron Bank via the Alpha Homora dapp, doubling the amount borrowed each time. This was done in a two-transaction process where the hacker lent the funds back into Iron Bank each time, which allowed them to receive Yearn Synth sUSD (cySUSD) in return.

Then, the perpetrator borrowed 1.8 million USD Coin (USDC) from Aave via a flash loan then swapped them with sUSD using Curve. The sUSD was used to pay back the flash loan and lend to Iron Bank, which enabled them to continuously borrow and lend more of them and receive a proportional amount of cySUSD each time.

Basically, the hackers rinsed and repeated this process many times, which allowed them to steal massive amounts of Creamy cyUSD that they in turn used to borrow other cryptocurrencies from Iron Bank. Hence, they borrowed 13K Wrapped Ethereum (WETH), 3.6 million USDC, 5.6 million USDT, and 4.2 million DAI.

As you can see, the process can be quite complex and requires a series of steps that need to happen very fast, which is a testament to how far these attackers are willing to go.

How To Take Profit If You Are Not The Atacker

This, makes the token attractive for the rest of the DeFi users since it represents great chances of obtaining huge profits when the price of the token begins to increase.

In the past days, many people have started to be on the lookout for this type of attack, to take advantage of the opportunity to buy an extremely valuable token, for an extremely low price.

This is where we come in. Our tool offers an alert service (in our iOS & Android App) and the possibility of executing a purchase order in case of a token in the user’s watchlist suffers an attack, just by holding our tokens.

Twitter: @tools_flash
Telegram: @FlashDipEaterOfficial
GitHub: @FlashDipEater
WebSite: TBA

Website: https://flashdipeater.com/ Telegram: @FlashDipEaterOfficia l GitHub: @FlashDipEater Twitter: @tools_flash