Summer.fi Exploited for $6M via Flash Loan Vulnerability

USDC-0.01%
CRV0.18%
MORPHO4.07%
According to Blockaid, PeckShield, and CertiK, Summer.fi lost approximately $6 million on July 6 after attackers exploited a flash loan vulnerability to manipulate vault share accounting. The LazyVault_LowerRisk_USDC vault was the primary target. Security researchers determined the attacker borrowed $65.4 million via flash loan and manipulated liquidity across Curve's DAI/USDC pools and Morpho V2 vaults before extracting $6 million in profit. The stolen funds were converted to DAI and transferred to an attacker-controlled address. The flash loan was repaid within the same transaction, requiring no upfront capital.
Disclaimer: The information on this page may come from third-party sources and is for reference only. It does not represent the views or opinions of Gate and does not constitute any financial, investment, or legal advice. Virtual asset trading involves high risk. Please do not rely solely on the information on this page when making decisions. For details, see the Disclaimer.
Comment
0/400
No comments