Attacks on Flash loans: what are these and why are they common in DeFi?

Attacks on Flash loans: what are these and why are they common in DeFi?


Why is the number of attacks on flash loans increasing? To answer this question, you need to understand how flash loans themselves work, where there are opportunities for their exploitation, and why attacks occur.

Since we are going to talk about flash loans, it is necessary that you have a good understanding of what DeFi technology is, since attacks on flash loans are a phenomenon that is part of the shortcomings inherent in DeFi in its current state.


If we look at Then we will read that decentralized finance (DeFi) is, as the name implies, an application ecosystem based on decentralized technology, which we associate today with popular cryptocurrencies such as Bitcoin, Ethereum and so on. Still DeFi is not based on one of the above-mentioned cryptos. Rather, they are based on one technology that is common to all major and popular cryptocurrencies – blockchain.

Blockchain technology is what underlies all the features that people call the advantages of the cryptocurrency industry. It doesn’t matter if it’s anonymity or the fact that the currency is not controlled by a handful of people, blockchain technology is what allows cryptocurrencies to function. Now let’s define the general concept of blockchain in order to better understand not only DeFi, but also the attacks on flash loans themselves.

Blockchain technology is based on the idea that currencies can exist outside of banking management, without a single entity that would control transactions. Instead, a number of organizations are engaged in this, to which anyone can apply. Thus, blockchain technology processes transactions and data, transferring these tasks to users who have agreed to perform this task. This allows a public register (ledger) to exist, accessible to everyone at any time and, therefore, incorruptible and unchangeable.

When applications are created based on this technology, it usually means that not one organization is engaged in data processing, but many, which provides an element of trust between the users of the application and its methods of data use.

Besides, the blockchain technology makes it possible to accelerate complicated data processing as big data is divided into smaller fragments and is sent to various people around the world to be processed. Thus, DeFi allows you to create applications whose code is transparent, accessible, and in many cases immutable.

However, things can go wrong and change for the worse. Since this is the field of programming (and no matter how expensive a lock you buy, there will always be someone skilled enough to crack it), there are many who have figured out how to manipulate the system for their own benefit. At the same time, every day they cause harm to more and more people, and this is the issue this article is devoted to – attacks on flash loans.

And so…

Starting with the very phrase “flash loans attacks”, we get acquainted with the concept of flash loans. Referring to the numerous cases when DeFi technology has led to huge changes in the financial ecosystem, we have the idea of unsecured loans, which, in fact, are flash loans. Flash loans are loans issued within the ecosystem created by DeFi, which can be provided without any collateral. They are based on the Ethereum network.

Some may say that Flash Loans has become a step in the movement towards creating a transparent and decentralized financial system, displacing centralized institutions such as banks from the process of processing and processing loans.

As for the technical aspects of the work, flash loans use smart contracts. Smart contracts are pieces of code in the programming of a wide range of decentralized applications that allow you to perform a specific task only if certain conditions are met. In this case, the funds are not transferred until certain conditions are met on both sides making the transfer. The person who took out the loan, who in this case is the borrower, must repay the loan before the transaction is completed, and, therefore, this allows the borrowing-lending process to take place efficiently and quickly, without requiring any collateral.

Flash loans are used by traders to profit from the difference in prices of valuable assets on various exchanges. This use is called arbitration, and the best way to understand how they work is by example.

Let’s say there is a certain token, let’s call it XYZ. Its cost is $10 on Exchange A, and $20 on exchange B. The user can thus get a flash loan in the amount of $1,000, using which he can buy 100 XYZ at $10 apiece. They sell these XYZ on exchange B for $20 apiece, which allows the user to get $2000, $1000 of which he uses to repay the loan, and $1000 goes into his pocket. It is this feature of Flash Loans that attracts traders, because it is a very easy way to quickly get loans in the crypto sphere.

As for the previously mentioned rhetoric about how the concept of flash loans has revolutionized the industry, then yes, it is. If you look at why flash loans are so popular, it is due to the large number of advantages they give to people who want to receive them.

Flash Loans guarantees that the transaction will be considered completed only when the borrower returns the money he was supposed to receive, otherwise the transaction will be considered incomplete, and any potential exchange of money in the form of cryptocurrencies will be canceled. Thus, they make it possible to exclude one key component that has become part of the daily life of many. It can simply be avoided. Interest rates.

Interest is accrued on the entire loan amount taken, which is then paid depending on the term for which the loan is taken and the amount of the loan itself. Consequently, such amounts lead to the fact that the borrower always pays the lender more than the lender to the borrower. This may bother a person for several more months until he realizes that the amount of additional money or interest that he has to pay is increasing.

While traditional loans almost always require the payment of such amounts (with the exception of Islamic and some Jewish banks), flash loans can play an important role here. They can issue interest-free loans. This will not only ensure greater availability of loans, but also increase their cost.

Flash loans allow such transactions to be carried out without the need to charge an interest rate. In addition to facilitating the processes of borrowing and lending, flash loans also allow such processes to be carried out very quickly. Since the entire process of issuing flash loans takes place online on the relevant platforms, and the repayment of the loan also remains in the same virtual sphere, flash loans can be issued to individuals almost instantly.

This may turn out to be a much more important advantage, since people do not have to go through a relatively long process of obtaining a loan from a bank, which they are not even sure of getting. With Flash Loans, anyone with Internet access can get a loan quickly and instantly.

They have a large number of advantages, such as the possibility of a zero interest rate, instant issuance and the absence of a credit rating assessment before obtaining a loan. Moreover, the fact that they do not require any capital from the borrower is a golden advantage in itself. This allows individuals with limited access to banking services, low capital and an instant need for loans to access flash loans.

As explained earlier, flash loans allow a person to borrow as much as they want, with a condition held by smart contracts. For example, if a person needs $2000 in ETH, he will be able to get this amount, but it will not belong to him. A person will have to do something with these funds so that they return in a position to repay the loan and, possibly, receive an extra amount. All this may seem very complicated, and so it is. But in order for these protocols to be implemented, they are all provided by blockchain.

Attacks on flash loans appear in the big picture when certain individuals manipulate entire markets in such a way as to ensure compliance with the rules of the blockchain and, unfortunately, still cause a lot of damage.

Getting to the point

In fact, these are attacks on flash loans. Certain individuals use flash loans in such a way that the rules of the blockchain are not violated, but at the same time they take advantage of the situation, which allows them to manipulate the market and cause great damage, which can be avoided. We will illustrate the effect of attacks on flash loans by giving relevant examples from practice below to present a picture of the damage that can be done with flash loans on a real scale.

Let’s start with the PancakeBunny attack, which is probably the most recent attack on flash loans that has occurred to date. The PancakeBunny attack is usually used to refer to the events of May 2021, when hackers were able to detect an exploit in the system. Using the exploit, hackers caused the PancakeBunny token to fall by more than 95% of its original value.

The organization that carried out the attack borrowed a huge amount of BNB from PancakeSwap and used the borrowed amount of BNB to manipulate the price of BUNNY/BNB and USDT/BNB in PancakeBunny pools. Thanks to this, they managed to avoid punishment for stealing a large amount of BUNNY. The market collapsed when they threw them out to trade. After that, the attacker repaid the debt through PancakeSwap. This allowed the attacker to make a profit of about $3 million.

Perhaps it is worth mentioning another attack – the largest attack on flash loans in 2021, to once again illustrate how everything can collapse overnight. We will talk about an attack on the Alpha Homora protocol, during which smart attackers were able to deprive the protocol of a profitable farm of $37 million. This was done with the help of Iron Bank, a Cream platform that is designed for those who are looking for a lending platform. The attack was carried out by striking the Iron Bank platform with a variety of flash loans.

A hacker or an attacker borrowed sUSD from the Iron Bank credit platform, which is accessed through Alpha Homora DApp. The hacker doubled the borrowed amount each time. With each loan, the hacker returned the borrowed funds back to Iron Bank, which allowed him to receive ySUSD or Yearn Synth sUSD in return. The attacker then borrowed 1.8 million USDC via Aave as a flash loan, and used sUSD to exchange them via Curve. This allowed the attacker to continue paying off loans, which gave him the opportunity to continue to borrow large amounts and receive more sUSD each time.

This process took place several times, as a result of which hackers received a huge amount of funds, which they then used to borrow other cryptocurrencies. They borrowed about 3.6 million USDC, 4.2 million DAI and 13 thousand Wrapped Ethereum.

Why have flash lending attacks become more frequent?

Now that we are convinced that flash loans are dangerous, and have given examples showing to what extent attackers can evade responsibility, the question arises, why are flash loans becoming more common? What motivates attackers to carry out more and more such attacks?

To partially answer this question, it is first necessary to consider the nature of the blockchain and how the “everyone remains anonymous” factor operates here. Since there are so many nodes on the network, it becomes very difficult to track transactions. Even if the transaction can be traced, it is returned to the wallet, and not to the personal bank account. Therefore, such cases are commonplace in the cryptocurrency world.

This may also explain why cryptocurrencies are a means of payment on sketch sites like those found on the DarkNet. The fact that they are carried out using protocols using Blockchain technology is one of the factors explaining their growth, since attackers are more confident that they will not be caught.

In addition, these attacks are associated with low risk. Compare the robbery of a real physical bank with thousands of dollars worth of security technology, and an online protocol from the attacker’s point of view, and you will begin to understand what is at stake. This makes them even more confident in carrying out the attack. Looking back, we can say that not a single attacker engaged in flash lending has been caught yet. Despite the huge amounts of stolen money, they are still wanted because the nature of networks without access rights allows them to access tools to conceal their identity.

Along with a low degree of risk, such attacks are also cheap to execute, which means that an attacker does not need to take on large financial obligations to carry out such an attack. To carry out an attack on flash loans, an attacker may only need a computer, an Internet connection and planning.


In conclusion, I would like to note that this article was intended to highlight a problem common in many DeFi protocols in order to raise awareness of the problem of Flash Loan attacks.

DeFi and Flash Loans protocols are not perfect, and today attackers use them to get away with huge amounts of money. A deep practical understanding of the problem makes us look for solutions. And they will not take long to wait.