Another Binance Smart Chain Defi Suffers Flash Loan Attack, Impossible Finance

avatar

image.png
(Source)

Evening

Just when it seemed that things have been settling down, today another flash loan attack took place on one of a Binance Smart Chain project. Impossible Finance, a defi protocol on BSC suffered a flash loan attack on Monday, losing 229.84 Eth worth half a million dollar.
The attackers launched the flash loan attack by using a fake token to drain the Impossible Finance liquidity pool, just like earlier BurgerSwap flash loan attack. Apparently the exploiters used a vulnerability project's lp and were able to make multiple swaps IF token(platform's native token) with BUSD and then back to BNB to repay the flash loan.

Here is what happened:

  1. Borrow 233.3 BNB of flash loan from PancakeSwap.
  2. Swapped 65,140 IF token.
  3. Created a FAKE token called AAA (BBB).
  4. Created LP with the FAKE token and IF.
  5. Swapped 32,570 IF into 221,898 BUSD and another 32,570 IF into 221,898 BUSD using IF router thru the FAKE token LP.
  6. Repeated the steps from 3 to 5.
  7. Sold 556,384 BUSD for 1,731 BNB, repaid the flash loan.
However, what's unusual is all the swaps were made in a row at about the same price, which is theoretically impossible due to slippage.
As of now all lps, deposits and withdrawals on Impossible Finance are on halt pending complete investigation of the incident. Impossible Finance assured a complete refund to all those affected by the exploit.

Flash loan attacks on Binance Smart Chain projects are becoming more and more frequent with each one having approximately the same DNA, may because most of the protocols are almost identical clones of each other.

image.png

158817836372645504 45.png

Posted Using LeoFinance Beta

defi hack neoxian mancave proofofbrain aeneas palnet archon hustler leofinance
0
0
0.000
0 comments