Decoding ULME Token Flash Loan Attack
TL;DR
On October 25, 2022, ULME Token was attacked by a hacker who allegedly gained approximately 50,646 BUSD using flash loan.
Introduction to ULME
ULME is a token on Binance Smart Chain BNB Chain, but it has no social presence.
Vulnerability Assessment
The underlying source of the vulnerability is due to an indirect price manipulation using flash loans resulting from an unrestricted access control.
Steps
- The attacker initially used flash loans to borrow 1,000,000 BUSD.
- They then swapped the borrowed BUSD for $ULME tokens on PancakeSwap.
3. The attacker should have compiled a list of users who would approve the BUSD token to the $ULME contract.
4. The attacker called the buyMiner function of the $ULME token contract,passing in the list of users from the earlier step, and their corresponding amount.
5. In the underlying function, the attacker can manipulate the BUSD tokens previously approved to the users.
6. The attacker can additionally manipulate the BUSD of a large number of users, and swap to $ULME, thereby indirectly increasing the price of the token.
7. After the price increase, they swapped the $ULME token for BUSD, returned the amount borrowed during flash loan, and kept the remaining profit of 50,646 BUSD.
Aftermath
Following the incident, the underlying price of the $ULME token increased to a high of 0.394 before falling to 0.08 at the time of this writing.
How to prevent such an attack vector
In the indirect price manipulation attack, a trade on an AMM is utilised to discreetly influence the token price of a vulnerable DeFi application whose price mechanism is dependent on real-time status.
A flash loan attack can be mitigated to a greater extent by imposing a limit on the amount that can be borrowed in a single flash loan transaction, or using oracle-based services like ChainLink amongst many other precautions.
Protocol, and Platform Security
Our security team at Neptune Mutual can validate your platform for DNS and web-based security, smart contract reviews, as well as frontend and backend security. We can offer you a solution to scan your platform and safeguard your protocol for known and unknown vulnerabilities that have the potential to have catastrophic long-term effects. Contact us on social media if you are serious about security and have the budget, desire, and feeling of responsibility to do so.
About Us
Neptune Mutual project safeguards the Ethereum community from cyber threats. The protocol uses parametric cover as opposed to discretionary insurance. It has an easy and reliable on-chain claim process. This means that when incidents are confirmed by our community, resolution is fast.
Join us in our mission to cover, protect, and secure on-chain digital assets.
Official Website: https://neptunemutual.com
Blog: https://blog.neptunemutual.com/
Twitter: https://twitter.com/neptunemutual
Reddit: https://www.reddit.com/r/NeptuneMutual
Telegram: https://t.me/neptunemutual
Discord: https://discord.gg/2qMGTtJtnW
YouTube: https://www.youtube.com/c/NeptuneMutual
LinkedIn: https://www.linkedin.com/company/neptune-mutual
