Nereus Finance and New Free DAO Faced Flash Loan Exploit

Nereus Finance, a lending protocol on Avalanche blockchain, has experienced a fast loan exploit, leading to $371,406 stolen. 

On September 6th, blockchain security firm CeriK was the first to announce the exploit. The company claimed it had effected liquidity pools on Nereus, which have connections to automated market maker Curve Finance and decentralized exchange (DEX) Trader Joe.

Did you know?

Want to get smarter & wealthier with crypto?

Subscribe - We publish new crypto explainer videos every week!

Crypto Token VS Coin (Animated Explainer & Examples)

SUBSCRIBE

ON YOUTUBE

On the following day, September 7th, Nereus Finance shared its take on the exploit. 

Under the segment called “So what happened?”, the company noted:

An exploiter was able to deploy a custom smart contract and that leveraged a $51M flash loan to manipulate the AVAX/USDC Trader Joe LP pool price for a single block resulting in the ability for the exploiter to mint 998,000 NXUSD against ~$508k worth of collateral.”

Moreover, the company highlighted that hacker created around $500,000 NXUSD bad debt in the NXUSD protocol. Nereus Finance claims they have paid off the bad debt using their team’s treasury. 

The company noted that the exploit happened due to a “missed step in the price calculation.”

On the other hand, on September 8th, the decentralized finance (DeFi) protocol, New Free DAO, faced multiple flash loan attacks. It is estimated that the company lost $1.24 million. 

The announcement about the exploit has been shared on Twitter by the blockchain security firm CeriK.

Based on the reports, the hacker used the “addMember()” function to add themselves as a member to an unconfirmed contract. Afterward, the hacker carried out three flash loan attacks. 

It seems that the hacker used an attack contract to borrow Wrapped BNB (WBNB) and exchanged it for New Free DAO’s NFD tokens through flash loans. 

The blockchain security firm claims that the attacker may be tied to Neorder attack, which faced the theft of 930 BNB tokens back in May. 

Gile K., Market Sentiment Analyst

Gile is a Market Sentiment Analyst who understands what public events may form what emotions. Her experience researching Web3 news and public market messages – including cryptocurrency news reports, PRs, and social network streams – is critical to her role in helping lead the Crypto News Editorial Team.
As an intelligent professional in public relations, together with the team, she aims to determine real VS fake news patterns, and bring her findings to anyone searching for unbiased news and events happening in the FinTech markets. Her expertise is uncovering the latest trustworthy & informative Web3 announcements to the masses.
When she's not researching the trustworthiness of mainstream stories, she spends time enjoying her terrace view and taking meticulous care of her outdoor environment.

Full Bio

All Expert Contributors & Analysts