Avalanche: Nereus Finance victim of a $370,000 attack

Back to school for hackers – The cryptocurrency ecosystem, and decentralized finance in particular, is frequently under attack. In this field, no blockchain is spared. Nereus Finance has just learned this the hard way on the Avalanche blockchain.

$370,000 stolen on Avalanche

Nereus Finance is a so-called lending protocol running on the Avalanche blockchain. It offers an open market that connects savers and borrowers in a decentralized manner.

Thus, the savers deposit their tokens in cash reserves in exchange for a return. For their part, borrowers can borrow the deposited funds in exchange for a fee. These fees are used to pay investors’ returns.

Unfortunately, on September 7, the Certik teams raised the alarm about an attack on the Nereus Finance protocol. As a reminder, Certik is a company specializing in blockchain security.

Alert published by Certik – Source: Twitter.

In total, the attacker managed to steal $371,000 in USDC from the protocol's pools.


What happened ?

Like many DeFi protocol attacks, this one was carried out through the use of a flash loan.

A few hours after the events, Nereus Finance returned to the details of the attack in a post mortem.

In practice, the attacker used a flash loan to manipulate the AVAX/USDC price on Trader Joe. Once the price was manipulated, he was able to mint 998,000 NXUSD with only $508,000 of collateral.

This manipulation was possible because the price calculation for the tokens had no protection mechanism against price manipulation within the same block.

Let's go through the 10 steps of the attack:

  • The attacker took out a 51M USDC flash loan on Aave v3;
  • He traded 280,000 USDC for 14,735 WAVAX on Trader Joe;
  • The attacker added liquidity to the USDC/WAVAX pool on Trader Joe (260,000 USDC and 13,401 WAVAX);
  • He traded his remaining USDC (50M USDC) for 505,213 WAVAX on Trader Joe, causing the AVAX price to momentarily rise to $98;
  • The attacker borrowed 998,000 NXUSD against the LP token representing the liquidity he had deposited on Trader Joe. For this loan he took advantage of the artificially inflated AVAX value to borrow more than he should have been able to;
  • He eventually traded his various tokens and repaid his flash loan, walking away with a profit of $371,406.
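The root cause described above, as an added illustration that is not Nereus, Trader Joe or Certik code (all reserve figures are constructed): a toy x*y=k pool shows how valuing LP-token collateral from same-block reserves lets one large swap inflate the collateral value, and how a deviation check against an out-of-block reference price, or the arbitrage-free LP valuation 2·sqrt(k·p), removes that lever.

```python
"""Toy x*y=k pool: why a same-block spot price is an unsafe oracle for LP-token
collateral, with two defensive valuations. Added illustration, constructed reserves."""
from dataclasses import dataclass
from math import sqrt

MAX_DEVIATION = 0.05  # constructed policy: reject spot readings more than 5% off the reference

@dataclass
class Pool:
    usdc: float
    wavax: float

    def spot_price(self) -> float:  # USDC per WAVAX, read straight from the reserves
        return self.usdc / self.wavax

    def swap_usdc_for_wavax(self, usdc_in: float) -> float:  # fee-less constant-product swap
        k = self.usdc * self.wavax
        out = self.wavax - k / (self.usdc + usdc_in)
        self.usdc += usdc_in
        self.wavax -= out
        return out

def naive_lp_value(pool: Pool, share: float) -> float:
    """Vulnerable pattern: value an LP share from current reserves at the current spot price."""
    return share * (pool.usdc + pool.wavax * pool.spot_price())

def guarded_lp_value(pool: Pool, share: float, reference: float) -> float:
    """Refuse to lend when spot deviates from an out-of-block reference such as a TWAP."""
    if abs(pool.spot_price() - reference) / reference > MAX_DEVIATION:
        raise ValueError("spot price deviates from reference; refuse to lend")
    return share * (pool.usdc + pool.wavax * reference)

def fair_lp_value(pool: Pool, share: float, reference: float) -> float:
    """Arbitrage-free value 2*sqrt(k*p): depends on k and the reference price, not on skewed reserves."""
    return share * 2 * sqrt(pool.usdc * pool.wavax * reference)

def simulate() -> dict:
    pool = Pool(usdc=40_000_000, wavax=2_000_000)  # constructed reserves, about $20 per AVAX
    reference = pool.spot_price()                  # stands in for a TWAP or last-block price
    share = 260_000 / pool.usdc                    # LP position worth $520k (constructed)
    before = naive_lp_value(pool, share)
    pool.swap_usdc_for_wavax(50_000_000)           # the 50M USDC swap that spikes the AVAX price
    try:
        guarded = guarded_lp_value(pool, share, reference)
    except ValueError:
        guarded = None                             # lending against this collateral is refused
    return {"reference_price": reference, "spot_price": pool.spot_price(),
            "lp_value_before": before, "lp_value_naive": naive_lp_value(pool, share),
            "lp_value_guarded": guarded, "lp_value_fair": fair_lp_value(pool, share, reference)}
```

With these constructed reserves the naive valuation more than doubles after the swap while the fair valuation stays at the pre-swap figure, which is the property a lending protocol's collateral oracle needs.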

Reactions from Nereus Finance

As we have seen, the attacker was able to create more NXUSD than the value he deposited as collateral. Consequently, his attack left the protocol with many thousands of dollars of bad debt. As a reminder, bad debt is debt that is no longer backed by collateral.

The Nereus Finance teams have therefore undertaken to repay this bad debt using team funds.

“The team will modify its auditing and security practices to ensure that this type of event does not happen again in the future.”

At the same time, Nereus Finance tried to contact the hacker, offering a reward of 20% of the stolen funds in exchange for their return. This proposal has so far gone unanswered.

Faced with the increase in DeFi-related attacks, security experts are in demand from all sides. As a result, security auditors command some of the best salaries in the industry.


John R. Zepeda

I have extensive experience working as a content writer in the areas of cryptocurrencies and finance, where I create interesting pieces that both inform and engage their audiences.
