ChainCatcher reports that sDOLA LlamaLend was subjected to a flash loan price manipulation attack, resulting in a loss of approximately $240,000, including 6.74 WETH and 227,325 DOLA.
The attacker used flash loans and donations to manipulate the sDOLA price, raising the exchange rate from 1.189 DOLA to 1.353 DOLA per 1 sDOLA. This price fluctuation caused multiple accounts in the crvUSD Controller to have health factors below 0, triggering liquidation conditions. After the attack contract received rewards as a liquidator, it exchanged assets, repaid the flash loan, and profited.
Disclaimer: The information on this page may come from third parties and does not represent the views or opinions of Gate. The content displayed on this page is for reference only and does not constitute any financial, investment, or legal advice. Gate does not guarantee the accuracy or completeness of the information and shall not be liable for any losses arising from the use of this information. Virtual asset investments carry high risks and are subject to significant price volatility. You may lose all of your invested principal. Please fully understand the relevant risks and make prudent decisions based on your own financial situation and risk tolerance. For details, please refer to
Disclaimer.
Related Articles
A user was hacked and lost $53,000 worth of PAXG due to signing a malicious Approve transaction.
Gate News Report, March 12 — According to GoPlus monitoring, a user was targeted by a phishing attack after signing a malicious Approve transaction, resulting in the theft of $53,000 worth of PAXG.
GateNews11m ago
Gate Daily (March 12): Wells Fargo submits WFUSD application; Ledger reveals MediaTek chip leak of recovery phrases
Bitcoin temporarily reports $69,980, driven by CPI data. Wells Fargo applies for WFUSD trademark to explore crypto business, Ledger reveals MediaTek chip vulnerability. U.S. stocks mostly close lower as markets focus on Middle East tensions. Investor sentiment remains stable, with overall performance flat.
MarketWhisper34m ago
Fantasy.top founder denies "soft Rug Pull" allegations, states investor funds were not used
Fantasy.top faces accusations from angel investors, claiming the team went silent and refused to refund $50,000, sparking "soft Rug Pull" allegations. Founder Travis Bickle countered that the company operates based on product revenue and has not used investors' funds. Several well-known investors also reported experiencing similar situations.
GateNews1h ago
Indian police arrest suspect involved in GainBitcoin Ponzi scheme at Mumbai airport
Gate News Report, March 11 — India's Central Investigation Bureau (CBI) announced the arrest of Darwin Labs co-founder and CTO Ayush Varshney at Mumbai Airport on suspicion of involvement in the GainBitcoin Ponzi scheme. It is reported that Varshney was attempting to leave India at the time. Investigations revealed that the scheme was operated by Variabletech Pte. Ltd., which attracted investors by promising high returns on crypto investments. Law enforcement officials accused Darwin Labs of developing and deploying critical technological infrastructure for the scheme, including the MCAP cryptocurrency token and ERC-20 smart contracts. Additionally, Darwin also provided technology for GBMiners.com Bitcoin mining platform, BitCoin Payment Gat
GateNews2h ago
Ledger Security Team Discovers MediaTek Processor Vulnerability That Could Lead to Wallet Mnemonic Theft
The team behind the crypto wallet Ledger has discovered a vulnerability in the secure boot chain of MediaTek processors. Attackers can extract encryption keys through physical access, affecting approximately 25% of Android phones. The vulnerability can be fixed with a patch, but it highlights the risks of storing keys on insecure devices. Users are advised to update promptly.
GateNews13h ago
AI code failure: Stop idolizing AI; Claude's coding caused a DeFi platform to lose $1.78 million
Moonwell Lending Protocol experienced a security incident on-chain due to an oracle configuration error, leading to a severe underestimation of cbETH asset prices. This event was caused by a logic error in AI-generated code, which was exploited by liquidation bots for profit. Although no traditional hacking was involved, users suffered a loss of $1.78 million. The incident highlights the oversight in AI programming review processes and emphasizes the importance of human oversight in the context of technological automation.
PANews13h ago
