On Friday, January 12, the famous Web3 lending application Wise Lending was hit by a cyber attack that resulted in the loss of a substantial amount of funds. In a blog post, Wise Lending regretted that the hackers launched a malicious attack siphoning approximately 170 Ether valued at $440,000 in the current market prices.
The hacking incident drew the attention of multiple security experts to assess the damages caused by the exploit.
Hackers Drain $440K from Wise Lending Platform
A report from the security experts demonstrated that the hackers launched a flash loans attack to corrupt oracle prices on the Wise Lending platform.
Occasionally, the hackers launch a flash loan attack on the smart contract positioned Ethereum network to weaken the system. The vulnerability of the smart contract enables hackers to command modifications on the prices of the crypto market.
After probing the matter, the security team noted that the attack occurred on January 12 at 7:29 pm UTC. The report illustrated that the hackers used an unverified contract to steal funds from the Wise Lending platform.
The probing noted that the attackers drained $9000 USD Coin (USDC), $2,000 Tether (USDT), and $5000 DAI. Also, the hackers stole $47.696 Wrapped Ether (WETH) and other tokens tied to Pendle Finance.
Besides the unauthorized withdrawals, the Wise Lending group noted that the hackers borrowed funds from the platform. The probing team observed that the hackers borrowed Lido staked ETH (stETH) worth $2.9 million from the platform shortly after draining the funds.
Nature of Flash Loan Attack
Based on the nature of the attack, the Wise Lending team noted that the hacker’s primary objective was to manipulate the oracle prices. News concerning the attack was shared by the prominent blockchain security researcher Spreek on the X platform.
In his tweet, Spreek updated the crypto community on the Wise Lending flash loan attack that resulted in a loss of 170 ETH. One commenter argued that the newly launched Pendle Finance token (PENDLE) enabled hackers to access the Wise Lending platform.
Commenting on this, another security expert, Officer’s Notes, claimed that the price movement of tokens on the Wise Lending platform enabled the hackers to launch the flash loan attack.
The Officer’s Notes tweet demonstrated that the price between stETH and ETH moved by 7% on a specific pool. He noted that the pool under questioning “b/c of AAVE v2 stETH” was later linked to the flash loan attack. The Officer’s Notes regretted that the frequency of crypto exploits was alarming.
Rise of Crypto Scams
On the X platform, the crypto investor expressed their concerns about the ongoing hacking incident in the early year. Hackers have drained approximately $5 million from the decentralized finance (DeFi) platforms.
A review of the hacking incident on the DeFi platform demonstrated that Radiant Capital was the first decentralized protocol to lose $4.5 million at the beginning of this year. The hackers stole $400,000 from the Gamma Protocol a day after the Radiant Capital attack.
The multiple hacking incidents illustrated that the hackers intend to intensify their cyber-related activities this year. In the previous trading year, the New York blockchain security firm Certik noted that approximately $2 billion was lost in crypto scams and hacks.
With the loss of multi-million dollars in the crypto industry, the key industry players urged global regulators to cooperate in addressing the rising cybercrime.