Solana-Based Protocol Drained $3.5M with Flash Loan Exploit

Solana-powered protocol Nirvana Finance has reportedly sustained a flash loan attack that resulted in an exploit of nearly $3.5 million. Consequently, Nirvana’s native token ANA and stablecoin NIRV saw a gigantic price drop of 89% and 90%, respectively, according to Twitter user Solana FM.

Nirvana’s Native Token and Stablecoin Down 90%

Decentralized finance (DeFi) yield protocol on Solana, Nirvana Finance, has reportedly been exploited for $3.5 million following a flash loan attack. The attack sent Nirvana’s native digital token ANA down 89% to $8.97, while its stablecoin broke its peg to the U.S. dollar and plummeted 90%.

According to on-chain data, the attacker minted $10 million of ANA using a $10 million flash loan in USD Coin (USDC). Flash loan allows users to borrow funds at a low cost and return them in a single transaction. The whole process lasts just a few seconds.

In this case, the attacker secured the flash loan on the Solend Protocol and manipulated its oracle feed to boost the price of ANA holdings to more than $10 million. Then, the attacker swapped $10 million worth of ANA for $13.49 million in USDT.

Solana FM said that two accounts were involved in the attack including the Nirvana Treasury account and the Nirvana hacker account. The attacker repaid the $10 million USDC loan and transferred the profit to an Ethereum wallet address using the communication bridge Wormhole and then converted the holdings to the DAI stablecoin. A total of $3.49 million were stolen from the Nirvana treasury.

“Utilizing @solendprotocol’s Flash Loans, the hacker borrowed $10M USDC from the Solend Main Pool Vault which was used to exploit $3.49M USDT from the Nirvana Finance Treasury.”

Solana FM wrote.

Join our Telegram group and never miss a breaking digital asset story.

Crypto Exploits Continue

The exploit marks the latest in a series of flash loan attacks in the crypto industry recently. Also, it marks another attack on a Solana-powered protocol after CremaFinance DeFi was exploited for $8.7 million earlier this month.

In April, the decentralized credit-based stablecoin project Beanstalk has been exploited for roughly $182 million after a flash loan attack. The attack on Beanstalk came just a month after a $600 million Ronin Network hack.

NIRV’s massive price drop marks another stablecoin that lost its peg to the U.S. dollar this year following the collapse of TerraUSD (UST) and its sister token LUNA in May. Terra’s crash upset the broader crypto industry and is one of the key factors behind the market drawdown this year.

What do you think about the Nirvana exploit? Let us know in the comments below.