The attack – the second in less than a week – began at just after 03:00 UTC Tuesday, when attackers apparently took out a flash loan of 7,500 ETH (approximately US$1.98 million), using 3,518 ETH (~$939,300) to purchase synthetic USD stablecoin sUSD from the issuer, which they then posted as collateral for a bZx loan, according to an analyst on Twitter.
They then used 900 ETH (~$240,000) to bid up the value of sUSD through an integrated price feed from liquidity provider Kyber Network until the dollar stablecoin spiked at $2. Using this inflated collateral, they took out another loan of 6,796 ETH (roughly $1.8 million) that was used to pay back the original 7,500 ETH loan, pocketing the remaining 2,378 ETH.
The total amount stolen is worth approximately $633,000, according to CoinDesk’s Ether Price Index. In its entirety, the attack took just over a minute from beginning to end. The exploiters have left an open loan with half the required collateral now that sUSD has returned to its dollar pegging.