Flash loan attacks on the Binance Smart Chain (BSC) are becoming an everyday affair now. DeFi protocols are becoming much more vulnerable to attackers exploiting the (BSC) platform. In a third flash-loan-attack incident within a week’s time, AutoShark Finance has been the latest victim.
Blockchain security and data analytics firm PeckShield reported this incident and has been also confirmed by AutoShark Finance. In its latest blog post, the DeFi protocol noted:
“Exploiter used $36,800,000, 100,000 BNB for the attack, and approximately 2,500 BNB was exploited — $822,800. 100,000,000 SHARK tokens were minted and used to drained all the liquidity in the LP pool because our token market cap was small (only at $2,000,000 approx) SHARK tokens, which are sold immediately via 1inch -> AnySwap.”
As per the data from Coin Gecko, the SHARK token has lost over 95% of its value over the last week. As we can see in the below chart, on May 18, SHARK was trading at a price above $2.0. At press time, it has tanked to a low of $0.05.
AutoShark Finance: All Funds Are Safe
In the blog post, AutoShark Finance confirms that no vaults have been compromised and all funds are safe. The deposits function has been disabled for now and the DeFi protocol will resume operations from 1st June after mixing certain issues and implementing all preventive measures.
If users want to withdraw their funds, they still have access to them via Panther Pools. AutoShark Finance has announced that they will be burning all their SHARK holding that were exploited during the exploit. Besides, they have also charted out a compensation plan. The plan notes:
We will be issuing a new token $JAWS to migrate and compensate the Original SHARK Holders for lost Market Cap (there were zero losses from our Vaults). The new token, $JAWS, will be distributed to all SHARK and LP Holders based on the snapshot on block: https://bscscan.com/block/7698695
BSC is becoming vulnerable to flash-loan attacks with DeFi investors and protocols subjected to economic exploitation. Over the last week, PancakeBUNNY and Bogged Finance were also the victims of such attacks.