- Home
- /Solana Records Second Flash Loan Attack as Nirvana Loses $3.49M in Exploit
Solana Records Second Flash Loan Attack as Nirvana Loses $3.49M in Exploit
Solana network has recorded another flash loan attack, making it the second in a month. This time, decentralized finance (DeFi) yield protocol Nirvana was the victim, and the attacker stole $3.5 million worth of assets, according to on-chain data. Nirvana Exploited for $3.49M The attacker conducted the exploit by taking a flash loan worth $10 ... Read more
Author by
Nwani Mishael
Solana network has recorded another flash loan attack, making it the second in a month. This time, decentralized finance (DeFi) yield protocol Nirvana was the victim, and the attacker stole $3.5 million worth of assets, according to on-chain data.
Nirvana Exploited for $3.49M
The attacker conducted the exploit by taking a flash loan worth $10 million in USDC on the Solana-based lending platform, Solend Protocol. The borrowed amount was then used to mint Nirvana’s native token $ANA.
The hacker did this by manipulating the price of Nirvana’s native token $ANA, such that the price of $ANA got inflated. That way, the borrowed fund in the custody of the exploiter exceeded $10 million.
The exploiter proceeded to swap the inflated fund which was originally worth $10 million in $ANA for $13.49 million in USDT, where the extra $3.49 million got deducted from Nirvana’s Treasury.
After the attack, the hacker returned the borrowed $10 million USDC to Solend Protocol while transferring the $3.49 million exploit fund through Wormhole bridge into an Ethereum wallet. The exploited fund was eventually converted into DAI and is currently in the custody of the attacker.
Nirvana Breaks Silence
About 7 hours after the exploit, Nirvana made some comments about the exploit, noting that it will take action to track down the stolen fund. The company added that the fault was not from Solend, but was “an exploit of Nirvana’s program.”
What we know so far:
Nirvana has been maliciously hacked and the reserves have been stolen.
A flashloan attack was used to steal money. This is not the fault of Solend, but an exploit of Nirvana’s program.https://t.co/NkmtHAbAAa
— Nirvana Finance (@nirvana_fi) July 28, 2022
Meanwhile, Solend commented on the attack, noting that it was in contact with Nirvana to assist in tracking down the exploiter. The lending platform further noted that it was not affected by the attack.
ANA and NIRV Tokens Plunge
Following the exploit, Nirvana’s native token $ANA tanked severely, with the asset dropping by 81%, bringing it to a current trading price of $1.71.
Nirvana’s stablecoin $NIRV equally saw a significant downtrend, losing its 1:1 peg to the US dollar. At the time of writing, $NIRV traded at $0.18, representing over 90% loss.