Last updated on November 17th, 2022 at 01:39 pm
Blockchain data reveals that Nirvana Finance, a Solana-based yield protocol, was hacked for $3.5 million using flash loans to manipulate and deplete its liquidity pools.
The price of the protocol’s native token, ANA, has declined by over 80% in the last few hours, while the NIRV stablecoin has lost its peg to the US dollar and is currently trading at 9.8 cents.
Nirvana allowed investors to earn over 100% annual returns on the assets they locked in by creating and destroying tokens depending on user demand. Prior to the hack on Thursday, ANA tokens worth more than $3.5 million were locked onto the protocol.
Attackers frequently use flash loans to obtain the funds required to carry out hacks on decentralized finance (DeFi) platforms. The Beanstalk stablecoin protocol lost $182 million in April, and Inverse Finance lost more than $1.2 million last month.
The loans enable merchants to obtain unsecured loans from lenders using smart contracts in place of intermediaries. No collateral is required because the contract only considers the transaction complete when the borrower pays the lender.
If a borrower fails to repay a flash loan, the smart contract will halt the transaction and repay the lender’s money.
According to data from blockchain explorers, the hack used almost 10 million USDC from the lending platform Solend in a flash loan. At that moment, more than $10 million in ANA had been minted, and the entire amount had been exchanged for $3.5 million in tether (USDT) from Nirvana’s treasury wallet.
This was possible as the treasury believed the 10 million USDC inflow was genuine. However, because it was not, the protocol was duped into releasing liquidity from its treasury.
The total value locked (TVL) on Nirvana dropped to 7 cents in the early morning hours following the attack. Data from DeFi Llama reveals that its entire liquidity was looted.
After the attack, the 10 million USDC was returned to Solend. Blockchain data reveals that the stolen assets were converted to DAI, an Ethereum-based stablecoin, and transferred to the Ethereum network via Wormhole, a blockchain tool that connects Solana to other networks.
Blockchain data reveals that the attacker address presently has over $3.5 million worth of DAI in its possession.
Administrators on the protocol’s Telegram channel have posted messages stating that developers have suspended Nirvana’s trading features as a result of the attack.
If you would like to read more news articles like this, visit DeFi Planet and follow us on Twitter, LinkedIn, Facebook, and Instagram.
“Take control of your crypto portfolio with MARKETS PRO, DeFi Planet’s suite of analytics tools.”