Belt Finance exploited for $6.2 million in a flash loan attack
The attacker stole $6.2 million worth of BUSD, which was converted to ETH via 1inch and partially withdrawn from Binance Smart Chain to Ethereum.
The beltBUSD vault uses four strategies, and a bug in the Ellipsis strategy was used to leak funds out through the Venus strategy. When the 3EPS pool becomes unbalanced, the Ellipsis strategy bug causes a value miscalculation.
The vault sends new deposits to the most undersubscribed strategy and pays out withdrawals from the most oversubscribed strategy to create balance between the four of them.
The hacker swapped approximately $200 million from BUSD to USDT using flash loans, unbalancing the 3EPS pool and triggering the Ellipsis strategy bug. At this point the 4Belt pool would have overvalued the hacker's shares, paying out an additional 0.5% profit after the conclusion of the flash loan. This resulted in a $1M profit from a single $200M flash loan transaction.
The attacker repeated the transaction several times, netting $6.2M in profit and causing $13M in total losses, since $6M in fees were paid to the 3EPS pool.
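A toy model of the vault accounting described above, added here as an illustration and not Belt Finance's code: it shows how a temporary over-report in one strategy raises the price of every share, and how the withdrawal is then paid out of a different, correctly valued strategy at the expense of the remaining depositors. The balances, the 5% error, equal target weights, and the names strategy_c and strategy_d are assumptions.

```python
# Toy model of the vault accounting described above (constructed; not Belt's code).
from dataclasses import dataclass

@dataclass
class Strategy:
    name: str
    assets: float        # BUSD the strategy can really redeem
    error: float = 0.0   # assumed fractional over-report while the pool is unbalanced

    def reported(self) -> float:
        return self.assets * (1 + self.error)

class Vault:
    def __init__(self, strategies, shares):
        self.strategies, self.shares = strategies, shares

    def reported_total(self) -> float:
        return sum(s.reported() for s in self.strategies)

    def real_total(self) -> float:
        return sum(s.assets for s in self.strategies)

    def deposit(self, amount: float) -> float:
        minted = amount * self.shares / self.reported_total()
        # New deposits go to the most undersubscribed strategy.
        min(self.strategies, key=Strategy.reported).assets += amount
        self.shares += minted
        return minted

    def withdraw(self, burned: float):
        payout = burned * self.reported_total() / self.shares
        # Withdrawals are paid from the most oversubscribed strategy.
        source = max(self.strategies, key=Strategy.reported)
        source.assets -= payout
        self.shares -= burned
        return payout, source.name

def round_trip(error: float, amount: float = 100.0):
    """Deposit, let one strategy misreport, withdraw; return (gain, payer, holder_loss)."""
    ellipsis = Strategy("ellipsis", 70.0)
    vault = Vault([Strategy("venus", 200.0), ellipsis,
                   Strategy("strategy_c", 100.0), Strategy("strategy_d", 100.0)], 470.0)
    real_before = vault.real_total()   # backs the 470 pre-existing shares 1:1
    minted = vault.deposit(amount)     # lands in the Ellipsis strategy
    ellipsis.error = error             # pool unbalanced: value is miscalculated
    payout, payer = vault.withdraw(minted)
    ellipsis.error = 0.0               # pool rebalanced after the transaction
    return payout - amount, payer, real_before - vault.real_total()
```

An audit or fuzz test for a vault of this shape can assert the invariant the model breaks: a deposit followed immediately by a withdrawal of the same shares must never return more than was deposited.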
While the DeFi sector is growing rapidly, exploits of this kind keep occurring, using loopholes and security weaknesses to damage projects.
This hack led to a condemnation of ‘fork culture’ where entire codebases are replicated without thorough audits. This issue has led to several flash loan attacks over the past few weeks.