Nereus Finance platform lost 370 000 USDC in an exploit
The attack was carried out with flash loans and manipulating the price of AVAX tokens
![Nereus Finance platform lost 370 000 USDC in an exploit](https://storage.getblock.net/source/1/3HGu05bPMg27YdesWJwgqQ5MBaG5WF0x.webp)
08.09.2022 - 08:15
286
2 min
0
What’s new? On September 7, Nereus Finance, a decentralized platform, was hacked, causing hackers to withdraw $370 000 in USD Coin (USDC) stablecoins. According to cybersecurity firm CertiK, the attackers carried out the attack with a flash loan.
#CertiKSkynetAlert🚨CertiK Skynet has reported a #flashloan attack on #AVAX impacting contract 0xe767c... & some LPs. The attacker profited ~$370k USDC.Possible impacted protocols include:@nereusfinance @traderjoe_xyz @CurveFinance Contact us for analysis. Stay Frosty!☃️ pic.twitter.com/bZvtgVPpl4— CertiK Alert (@CertiKAlert) September 7, 2022
What else is known about the incident? Hackers managed to steal funds by manipulating the price of AVAX tokens on Nereus. The attack took place through arbitrage trades, using 51 million USDC borrowed. The attackers then transferred tokens from the Avalanche blockchain to the Ethereum blockchain.
The Nereus team confirmed the attack and is currently investigating. According to the platform’s representatives, the incident affected only one market and the protocol as a whole remained over-collateralized.
We are aware of a flash loan exploit on the AVAX/USDC Joe LP NXUSD market. This incident is isolated to a single collateral market and the NXUSD protocol as a whole remains over colateralised. We are executing a recovery process and will be publish a post-mortem shortly.— Nereus Finance🔺 (@nereusfinance) September 7, 2022
Nereus Finance is a non-custodial lending protocol running on the Avalanche blockchain. The total value locked (TVL) is $13,19 million (DefiLlama’s data as of September 8). The platform passed a security audit performed by Ambisafe.
Earlier, the FBI issued a warning to investors about vulnerabilities in DeFi platforms. Representatives of the bureau called three of the most popular types of attacks on such projects, including initiating flash loans, exploiting signature verification vulnerabilities in bridges between networks, and manipulating the price oracle.
Useful material?
Market
Australia’s largest financial institutions have refused to process payments to digital asset trading platforms due to the risk of fraud
Jul 26, 2024
Politics
According to the politician, the value of the country’s bitcoin reserves should equal the value of gold reserves
Jul 26, 2024
Mining
The capacity of the Bitaxe device used by the network participant is only 500 Gh/s
Jul 25, 2024
Trends
Meanwhile, Trump-inspired assets have not shown significant growth
Jul 22, 2024
Market
The fee will be as much as 2,5% compared to 0,25-0,19% for competitors
Jul 18, 2024
Market
This is the third consecutive month of decline
Jul 18, 2024