Wise Lending Hit by $464K Flash Loan DeFi Hack
- Wise Lending lost $464,000 in a flash loan attack exploiting a flaw in their share accounting logic.
- The attacker inflated share prices in a nearly empty market, then borrowed heavily based on this inflated value.
- Wise Lending is taking measures to prevent future attacks, but this highlights the challenges of securing DeFi platforms.
In an unexpected twist, Wise Lending, a leading Web3 lending application and yield aggregator, recently faced a flash loan attack resulting in a substantial loss of approximately $464,000. This incident is emerging as a significant crypto hack of 2024, shedding light on vulnerabilities within the decentralized finance (DeFi) sector.
Here’s all you need to know.
Understanding the Attack Strategy
Blockchain security firm PeckShield has outlined the attack, exposing a flaw in Wise Lending’s share accounting logic. A precision issue was manipulated, allowing the attacker to strategically drain the platform’s funds. This marks a pivotal moment in the DeFi landscape as it grapples with the first major breach of the year.
Using a flash loan attack, a tactic often associated with manipulating oracle prices, the perpetrator targeted an almost empty market within Wise Lending, artificially inflating the share price. Seizing the opportunity, the attacker swiftly borrowed a substantial amount from the lending markets, taking advantage of the manipulated conditions.
Also Read: 2023 Web3 & Crypto Funding Report: Trends, Insights, and Predictions
Examining the Staggering Impact
Etherscan data reveals the extent of the attack, encompassing $9,000 worth of USD Coin (USDC), $2,000 worth of Tether (USDT), $5,000 worth of Dai (DAI), 18.51 Wrapped Ether (WETH) valued at $47,694, and various tokens linked to Pendle Finance. Additionally, the attacker utilized the flash loan to borrow 1,110 Lido Staked Ether (stETH) tokens from the Aave (AAVE) lending protocol, totaling around $2.9 million.
Initial reports suggested a new Pendle Finance derivative token as the cause, but some blockchain researchers hinted at a potential link to a 7% price swing between stETH and ETH within a specific pool, possibly triggered by an AAVE v2 stETH flash loan.
Strengthening Defenses
In response to the breach, Wise Lending has implemented preventive measures, prompting the broader crypto community to closely monitor developments. This early 2024 incident serves as a stark reminder of the challenges in securing DeFi platforms.
As the cryptocurrency space grapples with its most significant security breach of the year, the Wise Lending flash loan exploit serves as a wake-up call for the entire DeFi community.
This Might Interest You: Top Bitcoin Spot ETFs to Buy in 2024
