Wise Lending Faces $440K Loss in Suspected Flash Loan Exploit of Crypto Assets

Share IT

Key takeaways:

  • Multiple security experts report that Wise Lending was purportedly exploited and deprived of 170 Ether, which is currently valued at $440,000.
  • As part of the hack, the attacker took 1,110 Lido Staked Ether (stETH) tokens, worth $2.9 million, from the Aave lending protocol.

Multiple security experts report that on January 12, Wise Lending, a Web3 lending software and yield aggregator, was purportedly exploited and deprived of 170 Ether, which is currently valued at $440,000. 

To execute the hack, it’s possible that the exploiter used a flash loan to influence the pricing of an Oracle. The attacker utilized an unconfirmed contract with an address ending in d82c to drain the cash. 

This contract contains a number of tokens, including USD Coin valued at $9,000, Tether valued at $2,000, Dai valued at $5,000, 18.51 Wrapped Ether (WETH) ($47.694), and many tokens related to Pendle Finance.

As part of the hack, the attacker took 1,110 Lido Staked Ether (stETH) tokens, worth $2.9 million, from the Aave lending protocol. Flash loans are a standard tool used by scammers to influence Oracle pricing.

The attack against X (previously Twitter) was brought to the attention of the cryptocurrency community by pseudonymous blockchain security researcher Spreek, who stated:

“Looks like Wise Lending exploited for ~170 eth.”

Spreek hypothesized that a new Pendle Finance derivative token might have been connected to the vulnerability in response to their own post. 

Officer’s Notes, a different security researcher, commented, “Another day, another exploit,” when they shared the report. The officer’s Notes state that a 7% price swing between stETH and ETH inside a certain pool may have contributed to the vulnerability “b/c of AAVE v2 stETH flash loan.”

Decentralized finance (DeFi) procedures have only recently begun in 2024, but exploits have already cost them at least $5 million. Over $4.5 million was stolen from Radiant Capital on January 3. The liquidity management Gamma Protocol suffered a loss of almost $400,000 due to an exploit the next day.

According to blockchain security provider Certik, over $1.8 billion was lost in 2023 as a result of cryptocurrency hacks, scams, and attacks.

Share IT
Deep
Deep

Get Daily Updates

Crypto News, NFTs and Market Updates

Can’t find what you’re looking for? Type below and hit enter!