Markets are reactivated while asset borrowing is suspended – Bitcoin Security News
In the aftermath of the Cream Iron Bank flash loan attack, preliminary results of an investigation showed that contracts and markets are still functioning normally. As a result, the markets have now been reactivated while the asset borrowing function has been discontinued. The Cream team also reveals that investigations are continuing.
After the feat, the value of the Cream protocol token fell from just over $ 280 on February 12 to $ 186.48 24 hours later. At the time of writing, data from Messari shows that the token has recovered although it has mostly remained below $ 230.
Meanwhile, in his Analysis of the exploit, researcher Igor Igamberdiev reveals that the attacker (s) “used Alpha Homora to borrow Synthetix stablecoin from Ironbank”. He adds that “each time they borrowed twice as much as the previous one”. The attacker (s) did this through two transactions and every time they loaned the funds to Ironbank, they received Yearn Synthetix stablecoin.
According to Igamberdiev, the attacker (s) had at one point obtained a $ 1.8 million flash loan from Aave v2. This flash loan was then exchanged with Synthetix stablecoin for a subsequent loan to Ironbank.
Millions siphoned off
Using similar tactics, the attacker (s) would take an even larger loan. In his Twitter thread, Igamberdiev explains:
In addition, a $ 10 million flash loan is taken out which is also used to increase the number of Yearn Synthetix Stable Coins. In the end, the number of their Yearn Synthetix stablecoin reaches an incredible amount, which allows them to borrow anything from Iron Bank.
As a result, the attackers borrowed stablecoins valued at $ 13.4 million as well as ETH valued at over $ 23 million.
At the time of writing, it had been revealed that the debt resulting from the attack “will not be between users and Alpha Homora”. Instead, it will be Alpha Homora and Iron Bank who will have to “find a solution that resolves the debt between the two protocols”.
What do you think needs to be done to prevent future flash loan attacks? You can tell us what you think about it in the comments section below.
Image credits: Shutterstock, Pixabay, Wiki Commons, Messari.io,
Warning: This article is for informational purposes only. This is not a direct offer or the solicitation of an offer to buy or sell, nor a recommendation or endorsement of any product, service or business. Bitcoin.com does not provide investment, tax, legal or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or allegedly caused by or in connection with the use of or reliance on any content, good or service mentioned in this article.