The DeFi protocol Warp Finance was attacked by a $ 7.7 million “flash loan” attack. The project has a plan to recover $ 5.5 million and refund affected users. Details are in our news.
The significant growth of the DeFi field, which attracted billions of dollars locked in many protocols, also attracted the attention of malicious people. The decentralized finance (DeFi) space continues to suffer frequent cyberattacks, and Warp Finance has been the last victim. The project acknowledged earlier today that unnamed perpetrators had compromised the protocol and launched a flash loan attack, collecting nearly $ 8 million.
The platform, which allows users to deposit cryptocurrency assets in exchange for stablecoins, described the events as a “complex flash loan attack”. The perpetrator was able to borrow more than the collateral value, causing other users or lenders to lose money.
The attacker managed to seize $ 7.7 million of various stablecoins. However, Warp Finance’s security team claimed there was “an approximately $ 5.5 million recovery plan still secured in the safe deposit box.”
If the recovery process is successful, the project plans to return the funds to affected users. Warp Finance said it will try to make up for the remaining approximately $ 2.2 million to customers over time.
Flash Loan and Vulnerabilities
While traditional cryptocurrency loans typically require users to provide some form of collateral on crypto assets, flash loans work differently. Users can borrow without depositing any collateral, as the lender expects the funds to be returned immediately (within the same block). If the borrower does not do this, the contract will be void as if it never existed.
The popularity of flash loans has skyrocketed due to speed and convenience during the DeFi craze. However, malicious people have used them for numerous similar attacks in the past few months. Previous victims included protocols such as bZx, Balancer, Harvest, Acropolis, and Origin Protocol.
Blockchain analytics firm Glassnode has investigated the possible causes behind the growing number of flash loan attacks. He concluded that most of the abuses came from central price oracles, prices of manipulated assets, and “withdrawing funds from contracts.”
DeFi protocols have upgraded their platforms to combat vulnerabilities. However, as the Warp Finance situation shows, the relatively new DeFi invention still presents security issues, and investors need to be aware of the dangers before they can allocate any funds.