BSC DeFi protocol Bogged Finance suffered losses of $3 million after a hacker exploited a vulnerability in its contract and used a flash loan to extract the funds.
The developers of the decentralized finance protocol (DeFi) Bogged Finance They reported via Twitter that the protocol was suffering from a flash loan attack and that investors should not purchase their BOG token until they completed the process of migrating the token to a new contract to mitigate the attack.
The Bogged Finance team responded almost immediately and managed to stop the attack less than 1 minute after it began. However, the time was enough for the attacker to extract 50% of the funds deposited within the project, which were close to 6 million dollars. Thus, on Saturday Bogged Finance lost about 3 million dollars during the hack in BNB tokens, a fact that collapsed the value of its native BOG token significantly.
Before the attack, BOG was trading at a value close to $8 per unit. As of today and 2 days after the hack, its value is $0,00027. A colossal and large-scale loss for this asset.
The $3 million stolen from Bogged Finance adds to the $103 million stolen from DeFi so far this month. Most of the hacks and exploits that the decentralized finance ecosystem has suffered this May have occurred on the BSC. In total, DeFi losses amount to $106 million this month.
It may interest you: $284 million in losses since 2019
Flash Loans, a tool for hackers?
Flash loans are one of the biggest financial innovations born within the credit industry. cryptocurrencies, and DeFi. This instrument allows investors to obtain profits and returns without having to use their money, that is, without depositing collateral or guarantee.
With flash loans, or flash loan, investors can use the liquidity available in a market to perform different operations, including calls to smart contracts. Investors can exchange the token usage borrowed on different platforms to seek returns; once the process is completed, the loan granted and the commission fees will be discounted; thus, the surplus will be the investor's profit.
Although the process may sound relatively easy, it is not, as one of the conditions of flash loans is that they must occur within seconds and be completed before the transaction is finalized. Otherwise, the entire process will be reversed.
This tool is transforming and reinventing the financial system, although combined with some security vulnerabilities, in the wrong hands it has become a real headache for developers and investors.
Virtually every DeFi hack this month involved a flash loan.
Market manipulation
Pancake bunny, Spartan Protocol, Rari Capital, Finnexus, bear and now, Bogged Finance, have lost significant sums of money due to the manipulations that hackers have managed to carry out within their markets, taking advantage of some vulnerability and a flash loan.
Pancake Bunny developers have confirmed losses of $45 million after a hacker manipulated the price of the USDT/BNB and BUNNY/BNB markets using a large amount of BNB tokens obtained through a flash loan.
The same story is true for Rari Capital and bEarn, which lost $10 million and $10,8 million, respectively. The Spartan Protocol and FinNexus hacks were related to security exploits, and losses amounted to $30 million and $7,6 million.
In all cases, the price of the native tokens of these protocols dropped sharply. Pancake Bunny's market cap dropped from $122 million to less than $19 million shortly after the hack.
Continue reading: Insurance, an increasingly emerging and promising sector for the future DeFi, says ShapeShift
