🎁 Exclusive offer: Get EXTRA Bits and Celebrate Bybit's 6th Birthday With $2.2M Prize Pool. Act now!
Crypto Terms:  Letter F
Jul 07, 2023 |
updated: Apr 03, 2024

What is Flash Loan Attack?

Flash Loan Attack Meaning:
Flash Loan Attack - Flash loan attacks depend on exploiting a smart contract in order to make a profit.
medium
3 minutes

Let's find out Flash Loan Attack meaning, definition in crypto, what is Flash Loan Attack, and all other detailed facts.

In essence, flash loan attacks exploit smart contracts used in decentralized finance (DeFi). It’s done by attacking smart contracts that are responsible for flash loans. Then the attackers are able to take the assets and turn them into their own profit. 

In order to pull off a flash loan attack, the cybercriminals must first borrow a large sum. Next, they have to use that loan to buy assets with arbitrage, and then repay the loan. What’s the catch? Flash attackers get to keep all of the assets left for their own gains. 

The key element that allows this kind of criminal activity to happen is the permissionless decentralized finance protocols that are completely run by smart contracts. Flash loans are taken out through smart contracts which don’t require collaterals or third-party overseers. The lack of intermediaries is what makes decentralized finance platforms the perfect victim for this type of attack. 

There have been quite a few flash loan attacks, even though the process of setting up such an attack is extremely complex and difficult

A lot of flash loan attackers try to gain assets directly from other decentralized finance protocols. An example of this is a flash attack on a lending DApp - dYdx. The attackers took out a loan on this platform and sent their borrowed sum to Compound and Fulcrum. They used the Fulcrum platform to short ETH against Wrapped Bitcoin (WBTC). At the same time, they took out a loan of WBTC on Compound. Once WBTC’s price reached sky high, the attackers flipped their WBTC on Uniswap, repaid all of the loans, and kept the remaining ETH.

Another example is an attack on DeFi protocol bZx where the attackers converted their loan into sUSD stablecoins. The hackers placed a big buy order on the sUSD stablecoin, thus doubling its value and manipulating the market. Then they used their sUSD stablecoin to take out an even bigger loan. In the end, the attackers paid all of the loans and got to keep the leftover assets for themselves. 

PancakeBunny - a popular Binance Smart Chain-based yield farming aggregator had become a victim of a flash loan attack in 2021. The malicious criminals began their attack by borrowing a lot of BNB on PancakeBunny. By doing this, they were able to manipulate the price of Bunny tokens and Binance USD stablecoin at the same time. In turn, as the attackers dropped their Bunny on the market, it crashed.