DeFi Yield Farming Aggregator ApeRocket Suffers $1.26M ‘Flash Loan’ Attack

ApeRocket, a decentralized finance (DeFi) yield farming aggregator, has suffered two flash loan attacks costing users $1.26 million.

  • The attacks occurred on ApeRocket’s Binance Smart Chain and its Polygon fork within a few hours of each other on Wednesday, according to a blog announcement.
  • The two hacks were carried out in Aave and PancakeSwap and amounted to a combined $1.26 million.
  • In both cases, substantial funds were borrowed in AAVE and CAKE, meaning the hacker held over 99% of the funds in the two protocol’s vaults. Large amounts of money were then sent to the vault contract leading to the minting of a high number of tokens, which the hacker then dumped.
  • The price of ApeRocket’s SPACE token crashed by around 63% as a result. No further SPACE tokens will be minted in the meantime while ApeRocket sets about compensating investors for the incident.
  • Yield farming refers to a process by which individuals can earn interest or rewards on crypto deposits they make with lenders. DeFi apps allow users to make financial transactions without going through a traditional intermediary like a bank.
Read more: Flash Loan Attack Causes DeFi Token Bunny to Crash Over 95%