Facebook Twitter Instagram
    Monday, July 4
    Trending
    • Barcelona pushing for Ousmane Dembele stay despite concerns over lack of footballing knowledge
    • Fourth of July 2018: Which three US presidents died on Independence Day? Who was Sally Hemings? | The Independent
    • Vienna, Copenhagen and Zurich Selected as World’s Most Liveable Cities in 2022
    • Two Men Charged With Murder Of Model Christy Giles & Hilda Marcela Cabrales-Arzola Who Were Dumped Outside LA Hospitals Last Year
    • R. Kelly on Suicide Watch ‘For His Own Safety,’ Feds Say – Billboard
    • 20 Best Video Game Endings Ever
    • Predators Acquire Defenseman Ryan McDonagh in Deal With Lightning
    • Razer Kishi V2 review: new design, frustrating problems
    Facebook Twitter Instagram Pinterest VKontakte
    Swave Digest
    • Home
    • World News
    • Technology
      • Smartphones
      • Computers
      • Programming
      • Automobiles
    • Entertainment
      • Music
      • Anime
      • Movies
    • Sports
      • Football
      • Basketball
      • Tennis
    • Business
      • Crypto
      • Stocks
      • NFT
    • Lifestyle
      • Fashion
      • Health
      • Travel
    • Shop
    Swave Digest
    Home»Business»NFT»Inverse Finance exploited again for $1.2M in flashloan oracle attack
    NFT

    Inverse Finance exploited again for $1.2M in flashloan oracle attack

    Swave DigestBy Swave DigestJune 17, 2022No Comments3 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr Email
    Inverse Finance exploited again for $1.2M in flashloan oracle attack
    Share
    Facebook Twitter LinkedIn Pinterest Email

    Inverse Finance exploited again for $1.2M in flashloan oracle attack

    Just two months after losing $15.6 million in a price oracle manipulation exploit, Inverse Finance has again been hit with a flashloan exploit that saw the attackers make off with $1.26 million in Tether (USDT) and Wrapped Bitcoin (WBTC).

    Inverse Finance exploited again for $1.2M in flashloan oracle attack 4415 829434Inverse Finance exploited again for $1.2M in flashloan oracle attack 4415

    Inverse Finance is an Ethereum based decentralized finance (DeFi) protocol and a flashloan is a type of crypto loan that is usually borrowed and returned within a single transaction. Oracles report outside pricing information.

    The latest exploit worked by using a flashloan to manipulate the price oracle for a liquidity provider (LP) token used by the protocol’s money market application. This allowed the attacker to borrow a larger amount of the protocol’s stablecoin DOLA than the amount of collateral they posted, letting them pocket the difference.

    The attack comes just over two months after a similar April 2 exploit which saw attackers artificially manipulate collateralized token prices through a price oracle to drain funds using the inflated prices.

    In response to the attack, Inverse Finance temporarily paused borrowing and removed its DOLA stablecoin from the money market while it investigated the incident, saying no user funds were at risk.

    Inverse has temporarily paused borrows following an incident this morning where DOLA was removed from our money market, Frontier. We are investigating the incident however no user funds were taken or were at risk. We are investigating and will provide more details soon.

    — Inverse+ (@InverseFinance) June 16, 2022

    It later confirmed that only the attacker's deposited collateral was affected in the incident and only incurred a debt to itself due to the stolen DOLA. It encouraged the attacker to return the funds in return for a “generous bounty”.

    Related: Attackers loot $5M from Osmosis in LP exploit, $2M returned soon after

    In total, the attacker’s gained 99,976 USDT and 53.2 WBTC from the attack, swapping them to ETH before sending it all through the cryptocurrency mixer Tornado Cash, attempting to obfuscate the ill-gotten gains.

    The previous attack in April saw attackers make off with $15.6 million in ETH, WBTC, YFI and DOLA.

    DeFi marketplace Deus Finance suffered from a similar exploit in March, with attackers manipulating a price pairing within an oracle leading to a gain of 200,000 Dai (DAI) and 1101.8 ETH worth over $3 million at the time.

    Beanstalk Farms, a credit based stablecoin protocol lost all $182 million worth of collateral in a flash loan attack caused by two malicious governance proposals which in the end drained all funds from the protocol.

    How the latest attack went down

    Blockchain security firm BlockSec analyzed that the attacker borrowed 27,000 WBTC in a flashloan swapping a small amount to the LP token used to post collateral in Inverse Finance so users can borrow crypto assets.

    The remaining WBTC was swapped to USDT, causing the price of the attacker's collateralized LP token to rise significantly in the eyes of the price oracle. With the value of these LP tokens now worth far more due to the price rise, the attacker borrowed a larger amount than usual of the DOLA stablecoin.

    The value of the DOLA was worth much more than the deposited collateral, so the attacker swapped the DOLA to USDT, and the earlier WBTC to USDT swap was reversed to repay the original flashloan.

    $1.2m again, attack exploited finance flashloan for inverse nft oracle
    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email
    Swave Digest
    • Website
    • Twitter
    • Pinterest

    Related Posts

    Barcelona pushing for Ousmane Dembele stay despite concerns over lack of footballing knowledge

    July 4, 2022

    R. Kelly on Suicide Watch ‘For His Own Safety,’ Feds Say – Billboard

    July 4, 2022

    CoinShares acquires French crypto asset manager Napoleon AM

    July 4, 2022

    Anticoagulants for thrombosis prophylaxis in acutely ill patients admitted to hospital: systematic review and network meta-analysis

    July 4, 2022
    Add A Comment

    Leave A Reply Cancel Reply

    Twitter Instagram Pinterest
    • Home
    • Privacy Policy
    • Terms & Conditions
    • Contact Us
    © 2022 Swave Digest. All Rights Reserved.

    Type above and press Enter to search. Press Esc to cancel.

    Posting....
    We use cookies on our website to give you the most relevant experience by remembering your preferences and repeat visits. By clicking “Accept”, you consent to the use of ALL the cookies.
    In case of sale of your personal information, you may opt out by using the link Do not sell my personal information.
    Cookie settingsACCEPT
    Manage consent

    Privacy Overview

    This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
    Necessary
    Always Enabled
    Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
    CookieDurationDescription
    cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
    cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
    cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
    cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
    cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
    viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
    Functional
    Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
    Performance
    Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
    Analytics
    Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
    Advertisement
    Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
    Others
    Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
    Save & Accept