Discover and read the best of Twitter Threads about #FlashLoan
Most recents (10)
According to @numencyber on-chain data monitoring, at 10:48:03 PM +UTC on Feb-16-2023, the #StarlinkCoin contract on the #BNBChain was attacked by a #flashloan..../.resulting in a loss of 38 $BNB (~$12,000)
Attacker address: bscscan.com/address/0x1874…
Attacker address: bscscan.com/address/0x1874…
👉 The attack occurred when the #StarlinkCoin contract used the "transfer" function to transfer funds, which incurs a fee when funds come from the LP contract. 
A #flashloan attack on @UpswingFinance resulted in the loss of ~22 ETH (~$35.5K)
The project has appeared inactive since Oct. 2020 and was attacked using price manipulation.
A thread👇
The project has appeared inactive since Oct. 2020 and was attacked using price manipulation.
A thread👇
It was a price manipulation attack caused due to the design flaw of the $UPStkn token - the _transfer function of the token.
The attack occurred in three key steps👇
The attack occurred in three key steps👇
1) the attacker uses 18 swaps to lift $UPStkn's sell pressure. Also, during the swaps, the attacker swaps 1.31 Ether for 136,299.97 UPStkn.
#Flashloan
Beosin EagleEye monitored a flashloan attack on MooCakeCTX contract. The loss is ~$140K.
There is no time restrictions on collateral and rewards, and the prevention of caller is not comprehensive enough, enabling the attacker to increase dividends via flashloan.
Beosin EagleEye monitored a flashloan attack on MooCakeCTX contract. The loss is ~$140K.
There is no time restrictions on collateral and rewards, and the prevention of caller is not comprehensive enough, enabling the attacker to increase dividends via flashloan.
2/ Tx:
bscscan.com/tx/0x03d363462…
The attacker flashloaned $BUSD and swapped into vBUSD and then into $CAKE, as only $CAKE can be used as collateral in StrategySyrup. The $CTK are prepared at the same time, so that smartchef function can call a successfully performed transfer.
bscscan.com/tx/0x03d363462…
The attacker flashloaned $BUSD and swapped into vBUSD and then into $CAKE, as only $CAKE can be used as collateral in StrategySyrup. The $CTK are prepared at the same time, so that smartchef function can call a successfully performed transfer.
3/ After calling deposit function, the hacker called harvest function. Here the call address is the attack contract. The harvest function judges whether the call address is an EOA address, but when the initiating call in the case of the constructor, iscontract() can be bypassed.
#BeosinAlert #Flashloan
$PLTD suffers a price manipulation attack with a profit of 24,497 $BUSD for the hacker.
(Tx provided by @bbbb)
TX:0x8385625e9d8011f4ad5d023d64dc7985f0315b6a4be37424c7212fe4c10dafe0
Attacker’s address:0x6ded5927f2408a8d115da389b3fe538990e93c5b
$PLTD suffers a price manipulation attack with a profit of 24,497 $BUSD for the hacker.
(Tx provided by @bbbb)
TX:0x8385625e9d8011f4ad5d023d64dc7985f0315b6a4be37424c7212fe4c10dafe0
Attacker’s address:0x6ded5927f2408a8d115da389b3fe538990e93c5b
The attacker mainly exploits the vulnerability in the PLTD contract to reduce the balance of PLTDs in Case-LP (0x4397c7) to 1 via flashloan, and then uses the $PLTD to swap all the $BUSD into the attack contract.
Step 1: The attacker initiates 2 flashloans through DODO and borrows $666,000 BUSD.
GM! Here's the daily summary of trending projects on crypto GitHub. Curated by the greatest web3 developers ⭐️.
Check the 8 projects in the thread below 🧵👇🏻
Check the 8 projects in the thread below 🧵👇🏻
abigger87 and 5 others starred repo whitenois3/flashloan-rs (3 ⭐️)
Minimal Multicall3 Flashloan Module...
#arbitrage #ethereum #flashloan #rust
github.com/whitenois3/fla…
Minimal Multicall3 Flashloan Module...
#arbitrage #ethereum #flashloan #rust
github.com/whitenois3/fla…
dcbuild3r and 5 others starred repo diptools/dip (214 ⭐️)
Write cross-platform application with React-like declarative UI and scalable ECS arch...
#bevy-engine #desktop-app #dioxus #rust #cross-platform #bevy-plugin #declarative-ui #framework #ecs
github.com/diptools/dip
Write cross-platform application with React-like declarative UI and scalable ECS arch...
#bevy-engine #desktop-app #dioxus #rust #cross-platform #bevy-plugin #declarative-ui #framework #ecs
github.com/diptools/dip
#Flashloan
On July 10, @OMNI_xyz OMNI protocol suffered a reentrancy attack. The hacker made a profit of ~496 $ETH and deposited into Tornado.cash.
We take one of the attack Txs (0x05d65e0adddc5d9ccfe6cd65be4a7899ebcb6e5ec7a39787971bcc3d6ba73996) as an example:
On July 10, @OMNI_xyz OMNI protocol suffered a reentrancy attack. The hacker made a profit of ~496 $ETH and deposited into Tornado.cash.
We take one of the attack Txs (0x05d65e0adddc5d9ccfe6cd65be4a7899ebcb6e5ec7a39787971bcc3d6ba73996) as an example:
2/ The attacker first borrowed 1,000 $WETH and 20 #Doodles via flashloan and staked NFTs with ids 720, 5251 and 7425, obtained the corresponding digital receipts and then borrowed 12.15 WETH.
3/ Then call the withdrawERC721 function to withdraw the NFTs with ids 720 and 5251. This will call Ntoken contract’s burn function, which internally calls the safeTransferFrom function to send the NFTs to the attack contract and calls back the onERC721Received function.
We are seeing a possible exploit on @BeanstalkFarms - symbol $BEAN which has dropped 100%
#slippage
Address: 0xdc59ac4fefa32293a95889dc396682858d52e5db0x48f33863b1defc7b294717498c634ba9a5fb58a7
Be careful out there!
#slippage
Address: 0xdc59ac4fefa32293a95889dc396682858d52e5db0x48f33863b1defc7b294717498c634ba9a5fb58a7
Be careful out there!
Flashloan attack on Beanstalk has drained their fund of approx $100 Million
Attacker wallet: etherscan.io/txs?a=0x1c5dcd…
“Publius” the discord owner has stated the project has no money to carry on and ‘its dead’.
Attacker wallet: etherscan.io/txs?a=0x1c5dcd…
“Publius” the discord owner has stated the project has no money to carry on and ‘its dead’.
The hacker has moved roughly $30M (~9700 #ETH) to @TornadoCash
Follow the funds yourself with SkyTrace: certik.com/skytrace/eth:0…
Follow the funds yourself with SkyTrace: certik.com/skytrace/eth:0…
#CommunityAlert 🚨
@ElephantStatus's Treasury contract experienced a #flashloan attack leading to a loss of around $11M. The Treasury contract is unverified and unaudited.
bscscan.com/address/0xd520…
@ElephantStatus's Treasury contract experienced a #flashloan attack leading to a loss of around $11M. The Treasury contract is unverified and unaudited.
bscscan.com/address/0xd520…
The attacker took advantage of the redeem mechanism of the $TRUNK token, manipulated the price oracle to empower the token return, and stole ELEPHANT from the unverified Treasury contract.
Attack Steps 👇
Attack Steps 👇
1. The attacker deployed an attacker contract and borrowed $WBNB and $BUSD using flashloan from multiple pair pools.
2. Most of the borrowed WBNB was swapped for ELEPHANT to raise the price of ELEPHANT.
2. Most of the borrowed WBNB was swapped for ELEPHANT to raise the price of ELEPHANT.
#Thread comment passer de 500$ à 3 Million$ en à peine 2H 👀
Si vous êtes du genre à suivre bêtement ce qu'on vous dit n'allez pas plus loin vous allez être frustré.
Si vous êtes curieux, là pour la tech, avec l'envie d'apprendre let's go
Si vous êtes du genre à suivre bêtement ce qu'on vous dit n'allez pas plus loin vous allez être frustré.
Si vous êtes curieux, là pour la tech, avec l'envie d'apprendre let's go
Prérequis : savoir analyser des montages financier, comprendre comment un rendement est généré + maitriser l'environnement Blockchain.
après go sur #FTM vous déposez ~500$ sur une adresse vierge
Mise en place d'un #FlashLoan des Familles pour à peine 1$ la TX
ftmscan.com/tx/0xe37449503…
Mise en place d'un #FlashLoan des Familles pour à peine 1$ la TX
ftmscan.com/tx/0xe37449503…
1. As promised, this is a thread about @AaveAave and #flend! AAVE is a lending/borrowing protocol that evolved the #defi ecosystem to the next step! It's gonna be a long thread, let's start!
$ftm
$ftm
2. In order to understand the decentralized way, we first need to understand the traditional way.
As always i'll try to make it as easy as it can be!
So we first need to understand how banks make money.
As always i'll try to make it as easy as it can be!
So we first need to understand how banks make money.
