Wise Lending Faces $440K Loss in Suspected Flash Loan Exploit of Crypto Assets

Share IT

Key takeaways:

  • Multiple security experts report that Wise Lending was purportedly exploited and deprived of 170 Ether, which is currently valued at $440,000.
  • As part of the hack, the attacker took 1,110 Lido Staked Ether (stETH) tokens, worth $2.9 million, from the Aave lending protocol.

Multiple security experts report that on January 12, Wise Lending, a Web3 lending software and yield aggregator, was purportedly exploited and deprived of 170 Ether, which is currently valued at $440,000. 

To execute the hack, it’s possible that the exploiter used a flash loan to influence the pricing of an Oracle. The attacker utilized an unconfirmed contract with an address ending in d82c to drain the cash. 

This contract contains a number of tokens, including USD Coin valued at $9,000, Tether valued at $2,000, Dai valued at $5,000, 18.51 Wrapped Ether (WETH) ($47.694), and many tokens related to Pendle Finance.

As part of the hack, the attacker took 1,110 Lido Staked Ether (stETH) tokens, worth $2.9 million, from the Aave lending protocol. Flash loans are a standard tool used by scammers to influence Oracle pricing.

The attack against X (previously Twitter) was brought to the attention of the cryptocurrency community by pseudonymous blockchain security researcher Spreek, who stated:

โ€œLooks like Wise Lending exploited for ~170 eth.โ€

Spreek hypothesized that a new Pendle Finance derivative token might have been connected to the vulnerability in response to their own post. 

Officer’s Notes, a different security researcher, commented, “Another day, another exploit,” when they shared the report. The officer’s Notes state that a 7% price swing between stETH and ETH inside a certain pool may have contributed to the vulnerability “b/c of AAVE v2 stETH flash loan.”

Decentralized finance (DeFi) procedures have only recently begun in 2024, but exploits have already cost them at least $5 million. Over $4.5 million was stolen from Radiant Capital on January 3. The liquidity management Gamma Protocol suffered a loss of almost $400,000 due to an exploit the next day.

According to blockchain security provider Certik, over $1.8 billion was lost in 2023 as a result of cryptocurrency hacks, scams, and attacks.

Share IT
Deep
Deep

Can’t find what you’re looking for? Type below and hit enter!