Home > CryptoNews > Companies > Solana Based Nirvana Finance Suffers $3.5M Flash Loan Exploit

Solana Based Nirvana Finance Suffers $3.5M Flash Loan Exploit

Solana Based Nirvana Finance Suffers $3.5M Flash Loan Exploit

Nirvana Finance, a Solana-based yield protocol, suffered a flash loan attack which resulted in a loss of $3.5 million. The cyber criminal utilized flash loans in order to manipulate and drain the protocol’s liquidity pool.

Another day, another exploit in the cryptocurrency space. Besides ransomware attacks, several other cybercrimes have gained momentum in recent times especially in the crypto industry. Interestingly, blockchain analytics firm, Chainalysis, suggested that the amount of cryptocurrencies streaming into crypto mixer services have attained an ‘all-time high’ in 2022 as funds from illegitimate wallets belonging to malicious entities and criminal activity increased multifolds. This in turn proves the palpable rise in cyber crimes related to cryptocurrencies.

How Did Hackers Exploit Nirvana?

According to data from blockchain security firm, PeckShield, the attacker took a $10 million USDC loan to mint $10 million worth of Nirvana native stablecoin (ANA) tokens from the Solend Main Pool Vault and then swapped the $10 million ANA for $13.49 million USDT. This way, the attacker could steal $3.5 million from the Nirvana treasury, repay the USDC loan, and then move the stolen funds to an Ethereum wallet converting it to DAI stablecoin. 

Following the attack, ANA token fell over 80 per cent in just a couple of hours, while its NIRV stablecoin lost its peg to the U.S. dollar and dropped to 8 cents. Solend, another DeFi protocol on Solana, confirmed that the attacker borrowed the initial $10 million USDC from its main pool.

The Solana-based lending protocol tweeted that it was already in contact with the Nirvana team and that funds on its platform were safe. Nirvana has since clarified that the attack was not a fault of Solend but rather due to an exploit of its system. Nirvana tweeted,

“A flashloan attack was used to steal money. This is not the fault of Solend, but an exploit of Nirvana’s program.”

Rising String of Crypto Attacks

Solana Based DeFi Protocol Nirvana Suffers $3.5M Flash Loan Exploit

In May 2022, hackers breached gaming-focused blockchain platform Ronin Network marking the second-biggest hack ever in the cryptocurrency space draining a collosal amount, now valued at more than $600 million.

Recently, popular cryptocurrency exchange, Uniswap, suffered a severe blow as liquidity providers (LPs) of the Uniswap v3 protocol reeled under a major phishing attack resulting in a loss of over $8.1 million worth of Ether. In February 2022, non-fungible token (NFT) marketplace, OpenSea users, were looted off nearly $1.7 million worth of NFTs.