Someone Used Flash Loans To Exploit $800,000 In ApeCoin Tokens

An anonymous user took advantage of a vulnerability in the ApeCoin APE/USD airdrop process to exploit more than $800,000 worth of APE tokens.

What Happened: A transaction on Etherscan shared by Parsec founder Will Sheehan on Twitter Inc TWTR revealed that an attacker used a flash loan attack to obtain 60,564 APE tokens.

An analysis of the incident by CertiK revealed that the hacker orchestrated the attack by borrowing NFT 1060 from OpenSea and using it as the loan fee to flash loan 5.2 BAYC tokens from the NFTX Vault.

See Also: DeFi Flash Loans Will Become The New Standard Of Financial Security | Opinion

The attacker then used the borrowed BAYC tokens to redeem BAYC NFTs and claim 60,564 ApeCoin tokens as a reward in the airdrop contract.

The hacker then sold the majority of these APE tokens for 293 Ethereum ETH/USD earning him a profit of around $820,000. He minted the BAYC NFTs to BAYC tokens in order to pay back the flash loan and the fees.

“We think the issue here is that the AirDrop of APE token only considers the spot state that whether NFTs are hold by someone [sic],” wrote blockchain security firm BlockSec in its own analysis of the event.

“This is fragile since the attacker can manipulate the spot state using a flash loan. If the cost of the flash loan is smaller than the value of the AirDrop token, then it creates an attack opportunity.”

Price Action: According to data from CoinGecko, APE was trading at $11.44, up 83% from a low of $6.21 earlier today. The token has amassed a market cap of over $1.3 billion in under 24-hours from its launch.

Read Next: ApeCoin Launched: Here Are The Details And How To Get It

Photo courtesy: ApeCoin.com

Market News and Data brought to you by Benzinga APIs
Comments
Loading...
Posted In:
Benzinga simplifies the market for smarter investing

Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.

Join Now: Free!