Flash loan attack
Nerve Bridge protocols use code that was forked from Saddle.Finance. The Nerve Bridge attacker stole about 900 BNB worth over $537,000.This code contained a vulnerability in how it implemented two related functions: swap and swapunderlying. One target was the Nerve.3pool. This allowed swaps between fUSDT and an LP token of BUSD, USD, and USDC.
The Nerve Bridge attacker exploited this discrepancy using a flash loan attack. By using the swap function, the attacker was able to get an inflated number of LP tokens for the fUSDT they added to the pool. The attacker then removed the liquidity of BUSD from the pool to get BUSD, after which they then used the swapUnderlying function to exchange for more fUSDT than they started with.
DISCLAIMER: While Zero Friction LLC has used the best efforts in aggregating and maintaining this database, Zero Friction LLC makes no representations or warranties with respect to the accuracy or completeness, and specifically disclaim any implied warranties of merchantability or fitness for any particular purpose.
Under no circumstances, shall Zero Friction LLC be liable for any loss of profit or funds, any regulatory or governmental penalties, any legal costs, or any other commercial and non-commercial damages, including but not limited to special, incidental, consequential, or other damages from any or all usage of the dataset or information derived from our database.