- WOOFi faced an uptick in malicious activities after a recent flash loan exploit.
- Following the exploit, an impersonator X account emerged just hours later, redirecting users to a phishing link.
WOOFi, a cross-chain decentralized exchange on Arbitrum [ARB], has suffered an $8 million flash loan exploit.
WOOFi gets attacked
For context, a flash loan exploit is a type of attack within the decentralized finance (DeFi) space, where an attacker exploits the unique features of flash loans to manipulate the financial system.
Flash loans allow users to borrow a significant amount of funds without collateral, as long as the borrowed amount is returned within the same transaction block.
The attacker then utilizes these borrowed funds to manipulate the prices or exploit vulnerabilities in decentralized protocols, such as decentralized exchanges or lending platforms. The goal is to create a temporary market imbalance, manipulate prices, or take advantage of vulnerabilities to siphon off funds.
Once the exploit is executed successfully within a single transaction block, the attacker repays the flash loan, leaving no collateral behind.
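To illustrate why a price read inside the same transaction as a large trade is risky, and how a deviation check against an independent reference price causes the whole transaction to revert, here is an added example that is not from WOOFi or the original article. It assumes a generic constant-product pool (not WOOFi's pricing model); the reserves, the 5% threshold and all function names are constructed for illustration.

```python
from dataclasses import dataclass

class Reverted(Exception):
    """Aborts the whole transaction, like an EVM revert."""

@dataclass
class Pool:
    base: float    # token reserve (constructed figure)
    quote: float   # stablecoin reserve (constructed figure)

    def spot_price(self) -> float:
        return self.quote / self.base

    def sell_base(self, amount: float) -> float:
        """Constant-product swap: base tokens in, quote tokens out."""
        k = self.base * self.quote
        new_base = self.base + amount
        new_quote = k / new_base
        out = self.quote - new_quote
        self.base, self.quote = new_base, new_quote
        return out

def guarded_price(pool, reference, max_dev=0.05):
    """Return the spot price only if it is within max_dev of an independent reference."""
    spot = pool.spot_price()
    if abs(spot - reference) / reference > max_dev:
        raise Reverted(f"spot {spot:.4f} vs reference {reference:.4f}")
    return spot

def price_seen_after_trade(trade_size, use_guard, reference=0.5):
    """One atomic transaction: a swap, then a dependent contract reads the price.
    Returns (price the reader saw, or None on revert; final spot price)."""
    pool = Pool(base=1_000_000, quote=500_000)
    snapshot = (pool.base, pool.quote)
    try:
        pool.sell_base(trade_size)  # size is not limited by the trader's own capital
        seen = guarded_price(pool, reference) if use_guard else pool.spot_price()
    except Reverted:
        pool.base, pool.quote = snapshot  # a revert undoes every step, the swap included
        seen = None
    return seen, pool.spot_price()

if __name__ == "__main__":
    for size in (10_000, 1_000_000):
        for guard in (False, True):
            print(size, guard, price_seen_after_trade(size, guard))
```

An ordinary trade passes the guard, while a trade large enough to move the spot price by 75% is rejected and the pool returns to its prior state.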
During the ongoing investigation conducted by WOOFi, it was revealed that the hacker exploited one of the oracles on Arbitrum, specifically impacting the WooPPV2 contract.
The assailant executed a “contained” flash loan attack to manipulate the price of WOO. Notably, the flash loan was repaid strategically during a dip in the underlying asset’s price.
Following initial alerts from Twitter handles Spreek and PeckShield, the Woo project team promptly paused its pools and initiated a thorough investigation. So far, the attacker has siphoned funds worth approximately 2,000 ETH.
Malicious attackers get to work
While the DEX project is still in the process of finalizing its investigation, it has assured users that there is no immediate risk to their assets in Earn vaults, WOOFi stake, or other WOO contracts.
On top of its financial setbacks, WOOFi is now contending with additional malicious actors attempting to exploit unsuspecting WOO users on X.
Just two hours post-attack, the WOOFi team issued a warning, cautioning users about an impersonator X account posing as the official handle of the project.
The sentiment on the Arbitrum [ARB] network, on which the attack took place, remained relatively neutral.
The price movement of ARB, the token associated with the network, also did not see any significant corrections.