Solana-based DeFi protocol, Nirvana Finance lost $3.5 million to a flash loan attack on July 28.
1/ 🚨
On 28 July, adaptive yield protocol @nirvana_fi was exploited for $3.49M, forcing the protocol’s $ANA token price to collapse over 85%.
The SolanaFM team broke down the key movements involved during the exploit. 👇
Nirvana Hacker Account:https://t.co/Zsde5MdW0j pic.twitter.com/OYMMy2G1nb
— FA2 | SolanaFM (@0xFA2) July 28, 2022
The attack resulted in Nirvana’s native token ANA losing 85% of its value. The token’s price fell from $8.97 to as low as $0.81 within hours of the attack before rebounding to its current value of $1.26, CoinGecko data revealed.
The ecosystem’s dollar-pegged stablecoin, NIRV, is also down by almost 90% and is currently trading for $0.12.
On-chain data showed that the attacker took a $10 million USDC loan to mint $10 million worth of ANA tokens and then swapped the $10 million ANA for $13.49 million USDT.
This way, the attacker could steal $3.5 million from the Nirvana treasury, repay the USDC loan, and then move the stolen funds to an Ethereum wallet converting it to DAI stablecoin.
Nirvana’s official Twitter account confirmed the exploit stating that it is “investigating the attack and will make an announcement to the community as soon as possible.”
The Nirvana protocol suffered an exploit today.
The Nirvana team is investigating the attack and will make an announcement to the community as soon as possible.
— Nirvana Finance (@nirvana_fi) July 28, 2022
Solend, another DeFi protocol on Solana, confirmed that the attacker borrowed the initial $10 million USDC from its main pool.
We’re aware of a @nirvana_fi exploit that made use of Solend flash loans. We’re in contact with the team to help in any way we can. Funds on Solend are safe.
— 🙏🚫 Solend (we’re hiring!) (@solendprotocol) July 28, 2022
The Solana-based lending protocol tweeted that it was already in contact with the Nirvana team and that funds on its platform were safe.
Nirvana has since clarified that the attack was not a fault of Solend but rather due to an exploit of its system.
What we know so far:
Nirvana has been maliciously hacked and the reserves have been stolen.
A flashloan attack was used to steal money. This is not the fault of Solend, but an exploit of Nirvana’s program.https://t.co/NkmtHAbAAa
— Nirvana Finance (@nirvana_fi) July 28, 2022
According to the blockchain security company, OtterSec, the attack is similar to what happened on Crema Finance, another Solana-based protocol, earlier this month.
The hacker uploaded a program on the blockchain and closed it after the exploit.,
OtterSec continued that the hacker was able to use the flash loan attack to inflate ANA’s price from $8 to $24, so they could claim the “USDC and USDT at this inflated price.”
2/ This hack beared many similarities to previous hacks. Similar to the @Crema_Finance hack, this too used Solend flashloans.
The attacker’s program was also uploaded on-chain and closed immediately afterwards. https://t.co/kgg7C2M2Gq pic.twitter.com/GJaAZlfJZD
— OtterSec (@osec_io) July 28, 2022
Crema Finance lost $6 million to the flash loan attack that forced it to suspend its services temporarily.