"Euler Loses Nearly $200 Million to Flash Loan Attack"

London, UK-based De-Fi platform company Euler has recently lost a reported $196 million to a flash loan attack.  A flash loan is an instant unsecured loan controlled by smart contracts.  It allows a "borrower to obtain collateral, use that collateral for its purposes, and return the collateral to its source, provided it all occurs within a single transaction."  It consequently relies on a sequence of complex conditions.  The concept was pioneered in 2020 by the Ethereum lending platform Aave.  Details of this attack are not yet clear.  Euler stated that it appears that the attacker used flash loans to borrow from the De-Fi protocols Aave and Balancer and deposited the money with Euler.  The attacker then borrowed ten times the amount it had deposited with Euler.  Euler noted that the precise means, or vulnerability, by which the attacker could break the smart contract and keep the borrowings is unclear.  Nor is it entirely clear whether the attack has finished or whether it is still in process and more losses will be revealed.  Euler was founded in September 2020.  

SecurityWeek reports: "Euler Loses Nearly $200 Million to Flash Loan Attack"