Value DeFi project loses $6 million in flash-loan attack

Value DeFi’s developers confirmed a “complex attack” on their MultiStables vault, resulting in an unknown actor withdrawing $6 million in DAI and USDC stablecoins.

The MultiStables vault was the subject of a complex attack that resulted in a net loss of $6M. https://t.co/dnFRa5yPBJ
We are currently working on a postmortem and are exploring ways to mitigate the impact on our users.

— Value DeFi Protocol (@value_defi) November 14, 2020

“We are preparing a report and studying ways to mitigate the impact on users,” the developers wrote after the incident on Saturday.

The attacker leveraged a flash loan of 80,000 ETH via the DeFi lending platform Aave. Such loans are repaid within a single block, allowing no collateral.

On Sunday, representatives said they had resumed partial withdrawals and confirmed that the hacker had returned $2 million.

We have re-enabled the UI to withdraw after the recent exploit in the MultiStables Vault.

1) Withdrawing will receive about 28.24% of your initial deposit
2) A snapshot of anyone who was affected by the exploit will be able to claim the other 20% in $DAI from the 2 mil returned

— Value DeFi Protocol (@value_defi) November 15, 2020

A few days before the incident, Value DeFi’s developers claimed that their platform boasted the highest level of security and the best yields.

Value Defi has the highest security, the best return and the greatest community … Simply 😍

Check out the give away and get a valuable Valueman NFT. 🤗 https://t.co/NdKV7EVRgy

— Value DeFi Protocol (@value_defi) November 12, 2020

Earlier this week, an unknown hacker executed a flash-loan attack on the Akropolis DeFi protocol, draining the YCURVE and sUSD liquidity pools in DAI stablecoins worth $2 million.

Follow Forklog’s news on Facebook!